www.controle.50emais.com.br Open in urlscan Pro
190.89.238.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.controle.50emais.com.br/
Submission: On November 22 via automatic, source certstream-suspicious (November 22nd 2021, 7:50:00 pm UTC) — Scanned from DE

Summary HTTP 519 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 68 IPs in 10 countries across 64 domains to perform 519 HTTP transactions. The main IP is 190.89.238.22, located in Brazil and belongs to Under Servicos de Internet Ltda, BR. The main domain is www.controle.50emais.com.br.
TLS certificate: Issued by R3 on November 22nd 2021. Valid for: 3 months.

This is the only time www.controle.50emais.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	190.89.238.22 190.89.238.22	28209 (Under Ser...) (Under Servicos de Internet Ltda)
66	2606:4700:303... 2606:4700:3033::ac43:a59d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:e79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
25 77	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 3	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
10 24	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 2	34.247.120.79 34.247.120.79	16509 (AMAZON-02) (AMAZON-02)
1 2	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
98	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
4 8	52.29.24.121 52.29.24.121	16509 (AMAZON-02) (AMAZON-02)
16 30	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
8	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1 5	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
5 5	2a05:d018:d29... 2a05:d018:d29:3605:14b1:76c0:1806:81d9	16509 (AMAZON-02) (AMAZON-02)
5 5	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	18.158.154.136 18.158.154.136	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 5	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
2 5	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
2 3	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:211... 2600:9000:211e:8e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 11	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
5 5	35.156.121.212 35.156.121.212	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1	185.86.138.120 185.86.138.120	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	3.120.29.221 3.120.29.221	16509 (AMAZON-02) (AMAZON-02)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	51.178.130.209 51.178.130.209	16276 (OVH) (OVH)
1 1	80.158.66.20 80.158.66.20	34086 (SCZN-AS) (SCZN-AS)
1 1	62.149.0.72 62.149.0.72	() ()
4	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
10	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1	51.68.117.182 51.68.117.182	16276 (OVH) (OVH)
4	52.218.37.170 52.218.37.170	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
519	68

10 190.89.238.22 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br88.serverdo.in

www.controle.50emais.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
controle.50emais.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2606:4700:3033::ac43:a59d (United States)

ASN13335 (CLOUDFLARENET, US)

50emais.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e79 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 142.250.186.98 (United States) 25 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 37.252.173.27 (Frankfurt am Main, Germany) 10 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.120.79 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-120-79.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

98 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.29.24.121 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-24-121.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2.18.234.21 (Frankfurt am Main, Germany) 16 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.150 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d018:d29:3605:14b1:76c0:1806:81d9 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.29 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.154.136 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-154-136.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.184 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 76.223.111.18 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e8:101::9002:f05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.121.212 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-121-212.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.63 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.235 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.120 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.29.221 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-221.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

ad3.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.178.130.209 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu

creative.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.158.66.20 (Germany) 1 redirects

ASN34086 (SCZN-AS, DE)

ebs08.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (None, ) 1 redirects

ASN- ()

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.117.182 (France)

ASN16276 (OVH, FR)

aaa.artefact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.218.37.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

rechtstexte.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
104	doubleclick.net 27 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net 5994599.fls.doubleclick.net	315 KB
98	2mdn.net s0.2mdn.net	470 KB
85	googlesyndication.com pagead2.googlesyndication.com 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com tpc.googlesyndication.com	588 KB
76	50emais.com.br www.controle.50emais.com.br controle.50emais.com.br 50emais.com.br	2 MB
30	casalemedia.com 16 redirects dsum-sec.casalemedia.com	27 KB
28	adnxs.com 10 redirects prebid.adnxs.com ib.adnxs.com acdn.adnxs.com	43 KB
19	adform.net 5 redirects c1.adform.net track.adform.net s1.adform.net	153 KB
15	google.com analytics.google.com adservice.google.com www.google.com	2 KB
11	3lift.com 4 redirects eb2.3lift.com	5 KB
11	redintelligence.net 1 redirects hal9000.redintelligence.net hal90008.redintelligence.net hal90001.redintelligence.net	18 KB
9	yahoo.com 8 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com cms.analytics.yahoo.com	6 KB
8	adtriba.com 4 redirects d.adtriba.com	3 KB
7	googletagservices.com www.googletagservices.com	255 KB
7	google-analytics.com www.google-analytics.com	20 KB
6	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	6 KB
6	google.de www.google.de adservice.google.de	2 KB
6	googletagmanager.com www.googletagmanager.com	314 KB
5	ad-srv.net 1 redirects ad.ad-srv.net ad3.ad-srv.net	7 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
5	turn.com 3 redirects ad.turn.com r.turn.com	2 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	633 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	amazonaws.com rechtstexte.s3.amazonaws.com	172 KB
4	gstatic.com fonts.gstatic.com	71 KB
3	mlsat02.de 2 redirects creative.mlsat02.de tracking.mlsat02.de	1 KB
3	w55c.net 3 redirects pm.w55c.net	3 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	ctnsnet.com 3 redirects gcm.ctnsnet.com	553 B
3	quantserve.com cms.quantserve.com	884 B
3	blismedia.com 2 redirects tr.blismedia.com	933 B
3	dotomi.com dclk-match.dotomi.com	310 B
3	adition.com imagesrv.adition.com ad13.adfarm1.adition.com	11 KB
3	onetag-sys.com onetag-sys.com	2 KB
3	4dex.io script.4dex.io mp.4dex.io	24 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	awin1.com 1 redirects www.awin1.com	800 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	contentspread.net cdn.contentspread.net	96 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	858 B
2	openx.net 2 redirects rtb.openx.net	584 B
2	mathtag.com 2 redirects sync.mathtag.com pixel.mathtag.com	1 KB
2	simpli.fi 2 redirects um.simpli.fi	1 KB
2	everesttech.net 2 redirects pixel.everesttech.net sync-tm.everesttech.net	914 B
2	advertising.com 2 redirects pixel.advertising.com	939 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	smartadserver.com ssbsync-global.smartadserver.com ssbsync.smartadserver.com	150 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com	702 B
2	360yield.com 2 redirects ad.360yield.com	697 B
2	facebook.net connect.facebook.net	83 KB
2	taboola.com cdn.taboola.com	164 KB
2	premiumads.com.br tags.premiumads.com.br	137 KB
1	artefact.com aaa.artefact.com	1 KB
1	adtelligent.com 1 redirects sync.adtelligent.com	363 B
1	telekom.de 1 redirects ebs08.telekom.de	723 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	592 B
1	linkedin.com px.ads.linkedin.com	598 B
1	smaato.net 1 redirects s.ad.smaato.net	441 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	584 B
1	1rx.io 1 redirects sync.1rx.io	699 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	googleadservices.com partner.googleadservices.com	441 B
1	ampproject.org cdn.ampproject.org	8 KB
519	64

	Domain	Requested by
98	s0.2mdn.net	www.controle.50emais.com.br s0.2mdn.net 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
71	cm.g.doubleclick.net	25 redirects googleads.g.doubleclick.net 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com www.controle.50emais.com.br eb2.3lift.com
66	50emais.com.br	www.controle.50emais.com.br 50emais.com.br
47	pagead2.googlesyndication.com	www.controle.50emais.com.br pagead2.googlesyndication.com 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
30	dsum-sec.casalemedia.com	16 redirects googleads.g.doubleclick.net
30	tpc.googlesyndication.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com www.controle.50emais.com.br googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
24	ib.adnxs.com	10 redirects tags.premiumads.com.br www.controle.50emais.com.br onetag-sys.com googleads.g.doubleclick.net eb2.3lift.com acdn.adnxs.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com www.controle.50emais.com.br
11	eb2.3lift.com	4 redirects tags.premiumads.com.br eb2.3lift.com
10	s1.adform.net	tracking.mlsat02.de s1.adform.net www.controle.50emais.com.br
9	www.google.com	www.controle.50emais.com.br 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com tpc.googlesyndication.com
9	controle.50emais.com.br	www.controle.50emais.com.br
8	googleads4.g.doubleclick.net	www.controle.50emais.com.br
8	d.adtriba.com	4 redirects 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
8	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com www.controle.50emais.com.br
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	www.googletagmanager.com	www.controle.50emais.com.br www.googletagmanager.com
5	x.bidswitch.net	5 redirects
5	c1.adform.net	5 redirects
5	pr-bh.ybp.yahoo.com	5 redirects
5	hal90008.redintelligence.net	1 redirects 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com hal90008.redintelligence.net
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
5	securepubads.g.doubleclick.net	tags.premiumads.com.br securepubads.g.doubleclick.net
4	rechtstexte.s3.amazonaws.com	s1.adform.net ad3.ad-srv.net
4	track.adform.net	ad3.ad-srv.net s1.adform.net
4	ad3.ad-srv.net	1 redirects 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com ad3.ad-srv.net
4	5994599.fls.doubleclick.net	2 redirects www.controle.50emais.com.br
4	hal90001.redintelligence.net	hal9000.redintelligence.net hal90001.redintelligence.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
3	pm.w55c.net	3 redirects
3	match.adsrvr.org	2 redirects 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
3	gcm.ctnsnet.com	3 redirects
3	cms.quantserve.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
3	tr.blismedia.com	2 redirects 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
3	a.tribalfusion.com	2 redirects 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
3	ad.turn.com	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	dclk-match.dotomi.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
3	onetag-sys.com	tags.premiumads.com.br
3	prebid.adnxs.com	tags.premiumads.com.br www.controle.50emais.com.br
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.controle.50emais.com.br
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	www.google.de	www.controle.50emais.com.br
3	fonts.googleapis.com	www.controle.50emais.com.br
2	tag.navdmp.com	tags.premiumads.com.br tag.navdmp.com
2	mug.criteo.com	www.controle.50emais.com.br
2	gum.criteo.com	1 redirects
2	tracking.mlsat02.de	1 redirects ad3.ad-srv.net
2	www.awin1.com	1 redirects ad3.ad-srv.net
2	tracking.m6r.eu	2 redirects
2	cdn.contentspread.net	hal90001.redintelligence.net hal90008.redintelligence.net
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	rtb.openx.net	2 redirects
2	um.simpli.fi	2 redirects
2	s.tribalfusion.com	www.controle.50emais.com.br
2	r.turn.com	www.controle.50emais.com.br
2	pixel.advertising.com	2 redirects
2	ap.lijit.com	2 redirects
2	ad13.adfarm1.adition.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com ad13.adfarm1.adition.com
2	hal9000.redintelligence.net	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
2	pixel.rubiconproject.com	1 redirects www.controle.50emais.com.br
2	ad.360yield.com	2 redirects
2	script.4dex.io	tags.premiumads.com.br script.4dex.io
2	connect.facebook.net	50emais.com.br connect.facebook.net
2	cdn.taboola.com	tags.premiumads.com.br cdn.taboola.com
2	tags.premiumads.com.br	www.controle.50emais.com.br tags.premiumads.com.br
1	cms.analytics.yahoo.com	www.controle.50emais.com.br
1	sync.navdmp.com	www.controle.50emais.com.br
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	www.controle.50emais.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	acdn.adnxs.com	tags.premiumads.com.br
1	aaa.artefact.com	ad3.ad-srv.net
1	sync.adtelligent.com	1 redirects
1	ebs08.telekom.de	1 redirects
1	creative.mlsat02.de	1 redirects
1	ssbsync.smartadserver.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
1	ad.ad-srv.net	www.controle.50emais.com.br
1	ajax.googleapis.com	hal90008.redintelligence.net
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	s.ad.smaato.net	1 redirects
1	sync.mathtag.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	pixel-sync.sitescout.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	pixel.everesttech.net	1 redirects
1	imagesrv.adition.com	011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
1	ssbsync-global.smartadserver.com	www.controle.50emais.com.br
1	mp.4dex.io	tags.premiumads.com.br
1	imasdk.googleapis.com	tags.premiumads.com.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	analytics.google.com	www.googletagmanager.com
1	cdn.ampproject.org	www.controle.50emais.com.br
1	www.controle.50emais.com.br
519	100

This site contains links to these domains. Also see Links.

Domain
controle.50emais.com.br
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
50emais.com.br

Subject Issuer	Validity	Valid
controle.50emais.com.br R3	`2021-11-22` - `2022-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-01` - `2021-11-30`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
ad-srv.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
tracking.mlsat02.de Sectigo RSA Organization Validation Secure Server CA	`2019-09-06` - `2021-12-04`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
aaa.artefact.com R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh

This page contains 51 frames:

Primary Page: https://www.controle.50emais.com.br/
Frame ID: FA60F9870DD2DB9D855A9704CD81A6B2
Requests: 157 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: CCD818431963624A78832FD77C9DBEC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6507649514585438&output=html&adk=1812271804&adf=3025194257&lmt=1637610591&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637610590954&bpp=4&bdt=914&idt=203&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3494282093130&frm=20&pv=2&ga_vid=1954475619.1637610591&ga_sid=1637610591&ga_hid=243192760&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754332%2C31063792&oid=2&pvsid=216886627718645&pem=917&tmod=1278409765&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: B06810B278EAD61E5427FAB07B892780
Requests: 1 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7EC72403B5006A9E5204EE8CCE1D4F03
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: 4B12044499BAA7A75CA884030A03C0D2
Requests: 2 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E7924510C1C8C82E0D796B1CC698DA3
Requests: 13 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B517C23D45F5D3DF046F8A2A0BE33B4C
Requests: 14 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2483EC4675EF3CA857EE6FBDC0CBCB91
Requests: 13 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 24D939F649422BAEA1EAC2F10DEF3E6E
Requests: 1 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FB627FC4908B4D3D2FE41F182F1C6390
Requests: 13 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 913DA55EF3286D050FEC10AF95CD99C0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWkSjpDT4FBkG2yQ42VubmtftToq346aXllJ-xn_bblz3iTSZMcx5FflnlW0ccd_uFFisdTV-TPhxFtMP589A88HBIipHd7VU3InUr1NpPkTvwEWxuc4hOPXUGTMpJctuOJUKqpQj9qP_DThbIXTGfg7BG9WueL6EkudAjvNX9rA6njjAo
Frame ID: 8AC5A917E82D3FAD72D3B1F6D34C69C0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNUWNDDXIAC3PReWm5NvlXweHzdbn0BfT0D5PU-5kFv-RD0jzBt9eHeI2kVYbhccuHz82f5tM2l42DcC0n4yPpNYcSHw-k_iEeKXHX94MnmwIj_uFKqXWzR-i1tXlEk27W6By1NMYExUtGVBZjvi8_K0W02BNqh_CWpP2Uk7xHcpidBO46o
Frame ID: DA6A4C076EECBA28DC124DB7D4E20294
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVA30ct49jp7sblJINHDDpEu9x1aFmMg2ZMfB8QftGBP15Xkv06BjaYwRVjdGn5KLchvwLC8OJB7o0ylncLUyL-QhDJpIxxonNXe3nYV-zgz3JmHZm0XZaTdRHM2CMd-uebbPIzUO9gF9tF4D1csX7IyBwVfFAlXy98nAiKhOwAfEjiJtA
Frame ID: 49775242C0A019CDD3C9ECD6287D15B1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVrJmxATAB&v=APEucNWJYDQl4COurMWZG8FWKi4sy-easONDN1g6sZQEQBtjwlsLWCAuxeu0mbblA5TfI6APFXf-7zq1mrH7nE80R7DfvdqC09N-lGYYLs4vpt6hlnY4KJ34fhad9i2afdzmygKfuP4CLqYr4aEMzAUcyGgh9A2h3CneXPv5jKitVo5u8PUccb4
Frame ID: 847C1B0C2F2DCDB6BDD6A8F61FABB533
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Frame ID: 1DE7211C75804BDE324F8BD99C053E7E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWxX6ifobdoRDnovLoNeFg6qmybkl46mjzbnxp8jeN9_pBfvlzfkqwemMmpOU7m08H7e1qqkmUq2AW9nCT8KxP4bchs1-TGB7wrslFAftrxFQkvZQ5fFZ1QQ9ZT-KtBkIwjAXx69DBuhM2Iz7UrcOcsgFIlT7tjIWlm6H7eAbW7Ys-_QG8
Frame ID: 08A24762FBD8B8F7234F325023CEA8BD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWviu0qJ1eYhC97dshtlGfmN68y6nq7Qay0anKB5EkhVKBuqsc9-_P1MwBc7u9FwH0g9r98z5No_T6UBf1VW3b0shbdOV122pkmEnmmQLK5w3t5ELxvZt9p4ZadgUce5BNvJQmD-6hujqf4h85S3_s9jmHXvuT65ImvF62zku7dQMv3QkU
Frame ID: 46F43CF5DF2ED92D0770E370E235B585
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
Frame ID: F2EF4A287E52DCB584E736DA2DBAE1AF
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
Frame ID: C35F311EE2A85E33A13AF6C6E9FF9B48
Requests: 26 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
Frame ID: 3AA6B25DD42D9F6EEC6690D59A351E15
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
Frame ID: 5BD353E87E5A298C93182C5ABDB2FC71
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E313C0A500CD12DFD575CE41DA07C3F9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B8DF8D12CA548E8239CDD45C5F3E0E6
Requests: 9 HTTP requests in this frame

Frame: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1A0F89D26BB920C31D6D887B09E94DF4
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 897FAE0EAAC47C47BDA2C37A17CBFA0E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AFD22BA14307C2B3A0893FA3AD8AFAAC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A574537ECCBBC53525E1FB92BB57D73B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0AB5DBAEE1FD2C503AC685A50A8EC148
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 77F806F10CC645437152465CA9CB5EB8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 51C15D00BF099429C0433144114C27F4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE065537801224F6770A32F9ECBF4048
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9AFEE0F5C3713DC428416F9733D669B3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjc_c27ATAB&v=APEucNXLH27n_afp2VUc_6LbMWwcjC4UqruTdzrNmxTX4eFTC6ObGLrUhbZhfBTQ728tju0CGMTo8pomE5qpJZ9vX6V1K35IP_jVNGJILm0xnDTcisZ6n8IOF_I7NC28Poj01mg9FDwPjwP5NPHwweB_tY7CpfCZlFyt7Y-hx-1_2ppomg4Oe0I
Frame ID: ABF49196158304C42893FD3F80E3497E
Requests: 5 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 8E301138AB5939DEBB8BD9D591E36B5F
Requests: 12 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931
Frame ID: 1D4FCEA225FA136C97D4451A42A6F15D
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=17138600208629500710616011786001&a=4171ec3d
Frame ID: E105E40EB48A0604BC1BB4CB2B7CABBB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9B199C3C68AA597FE1B5E992905323ED
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982
Frame ID: BBA2BD5A3F729CCBBD5CA3FAAEAA4A0D
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4
Frame ID: 25117343454F08C49138633595A1291E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DFD822ACEC4A4EC837B1635672F09389
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB517C8159EEF7E57C0F941705708977
Requests: 3 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: 9D785DA2FC7517A02F468716759283ED
Requests: 1 HTTP requests in this frame

Frame: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
Frame ID: 9170FC785C77071D7EED0A53800F145D
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A84106EC3FD751C7E35017D9C45DCAEE
Requests: 9 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=406809d7cf964f80
Frame ID: 9315544E45E49335648065B21026B503
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068258/10483341/10483341.js?ADFassetID=10483341&bv=514
Frame ID: F3FE47DD8DDEFD8BDD7E6AE6F6DA3BA9
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 347691F763C7641042AEEC3A59623ACD
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1637610592040
Frame ID: D6831D7CF101CA94BF288858770DD09B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5776FD19BA6F56BDE13846A5809BB9CD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 621B80150F8768411E887861294557AD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - 50emais

Page Statistics

519
Requests

83 %
HTTPS

38 %
IPv6

64
Domains

100
Subdomains

68
IPs

10
Countries

5747 kB
Transfer

15803 kB
Size

81
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://controle.50emais.com.br/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/50emais

Search URL Search Domain Scan URL

URL: https://twitter.com/50emais

Search URL Search Domain Scan URL

URL: https://www.instagram.com/50emais/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCYtsMmwIT-T9YMqKSLnAitg

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/artigos/
Title: Artigos

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/comportamento/
Title: Comportamento

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/cultura/
Title: Cultura

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/entrevistas/
Title: Entrevistas

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/historiadevida/
Title: História de Vida

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/moda/
Title: Moda

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/saude/
Title: Saúde

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/viagemelazer/
Title: Viagem e Lazer

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/videos/
Title: Vídeos

Search URL Search Domain Scan URL

URL: https://50emais.com.br/todos-os-posts/
Title: Geral

Search URL Search Domain Scan URL

URL: https://50emais.com.br/
Title: <img src="https://50emais.com.br/wp-content/uploads/2021/02/logo-3-menor.png" alt="50emais"/>

Search URL Search Domain Scan URL

URL: https://50emais.com.br/anuncie/
Title: Anuncie no Site

Search URL Search Domain Scan URL

URL: https://50emais.com.br/contato/
Title: Contato

Search URL Search Domain Scan URL

URL: https://50emais.com.br/cancer-mata-jornalista-cristiana-lobo-aos-62-anos/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/o-que-mais-me-preocupa-no-processo-de-envelhecimento-sao-as-falhas-da-memoria/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/retirada-de-bolsas-e-excesso-de-pele-na-area-dos-olhos-e-simples-e-alivia-a-aparencia/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/marilia-mendonca-traduziu-a-cumplicidade-feminina-em-musicas-que-ganharam-o-pais/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/gosta-de-viajar-veja-as-dicas-uteis-de-um-casal-aposentado-que-vive-viajando/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/somos-acionistas-da-nossa-sobrevivencia/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/demitida-de-alto-cargo-ela-encontrou-seu-rumo-profissional-fazendo-terco-budista/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/atraidos-pelas-condicoes-de-vida-em-portugal-brasileiros-aposentados-vao-viver-la/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/atriz-responde-a-criticas-por-estar-grisalha-o-que-vou-fazer-parar-de-envelhecer/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/rainha-da-ausencia/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/confissoes-de-uma-avo-desfruto-da-minha-heranca-ao-ver-os-filhos-de-meus-filhos/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/envelhecer-e-viver-com-entusiasmo-com-esse-deus-dentro-entusiasmo-quer-dizer-isso/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/author/equipe/
Title: Equipe

Search URL Search Domain Scan URL

URL: https://50emais.com.br/aos-95-rainha-recusa-titulo-de-velhinha-do-ano-porque-nao-se-sente-velha/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/sete-habitos-que-aceleram-o-envelhecimento-da-pele-o-maior-espelho-da-idade/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/as-lembrancas-que-tenho-do-meu-avo-sao-bem-engracadas-e-ate-afetuosas/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/contra-a-vontade-da-atriz-filho-de-gina-lollobrigida-94-administrara-fortuna-da-mae/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/mais-de-20-anos-depois-de-se-separar-chico-buarque-casa-se-pela-segunda-vez/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/sugestoes-de-cortes-de-cabelos-curtos-para-enfrentar-a-nossa-estacao-mais-quente/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/no-dia-dos-mortos-a-homenagem-comovente-de-uma-fabulosa-atriz/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/conheca-rita-mesquita-a-senhora-da-floresta/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/leilane-neubarth-comanda-o-tempo-que-a-gente-tem-programa-sobre-o-envelhecer/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/author/maya-santana/
Title: Maya Santana

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/saude
Title: Saúde

Search URL Search Domain Scan URL

URL: https://50emais.com.br/medica-lanca-pequeno-manual-para-ensinar-como-envelhecer-com-mais-alegria/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/helena-schargel-81-anos-empreendedora-se-eu-posso-voce-tambem-pode/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/cultura
Title: Cultura

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/historia-de-vida
Title: História de vida

Search URL Search Domain Scan URL

URL: https://50emais.com.br/aos-66-paulina-chiziane-ganha-o-mais-importante-premio-da-lingua-portuguesa/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/sandra-passarinho-entrevista-a-medica-e-cientista-da-fiocruz-margareth-dalcolmo/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/aos-75-atriz-helen-mirren-da-um-show-em-la-vacinada-e-o-clipe-comedia-viraliza/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/evite-estes-10-tipos-de-roupas-pois-deixam-a-mulher-deselegante/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/cabelo-bem-cortado-e-fundamental-na-aparencia-veja-os-varios-cortes/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/cabelos-curtissimos-para-voce-que-gosta-de-praticidade-e-estilo/

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/meu-olhar/
Title: <img width="600" height="260" src="https://50emais.com.br/wp-content/uploads/2021/01/meu-olhar2.png" class="image wp-image-61010 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" srcset="https://50emais.com.br/wp-content/uploads/2021/01/meu-olhar2.png 600w, https://50emais.com.br/wp-content/uploads/2021/01/meu-olhar2-300x130.png 300w, https://50emais.com.br/wp-content/uploads/2021/01/meu-olhar2-585x254.png 585w" sizes="(max-width: 600px) 100vw, 600px" />

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/cronicas-de-ingo/
Title: <img width="842" height="260" src="https://50emais.com.br/wp-content/uploads/2021/06/WhatsApp-Image-2021-06-05-at-11.48.59.jpeg" class="image wp-image-65451 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" srcset="https://50emais.com.br/wp-content/uploads/2021/06/WhatsApp-Image-2021-06-05-at-11.48.59.jpeg 842w, https://50emais.com.br/wp-content/uploads/2021/06/WhatsApp-Image-2021-06-05-at-11.48.59-300x93.jpeg 300w, https://50emais.com.br/wp-content/uploads/2021/06/WhatsApp-Image-2021-06-05-at-11.48.59-768x237.jpeg 768w, https://50emais.com.br/wp-content/uploads/2021/06/WhatsApp-Image-2021-06-05-at-11.48.59-585x181.jpeg 585w, https://50emais.com.br/wp-content/uploads/2021/06/WhatsApp-Image-2021-06-05-at-11.48.59-500x154.jpeg 500w" sizes="(max-width: 842px) 100vw, 842px" />

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/envelhecer
Title: <img width="600" height="174" src="https://50emais.com.br/wp-content/uploads/2020/10/envelhecer.png" class="image wp-image-58030 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" srcset="https://50emais.com.br/wp-content/uploads/2020/10/envelhecer.png 600w, https://50emais.com.br/wp-content/uploads/2020/10/envelhecer-300x87.png 300w, https://50emais.com.br/wp-content/uploads/2020/10/envelhecer-585x170.png 585w" sizes="(max-width: 600px) 100vw, 600px" />

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/50emaissaude/
Title: <img width="600" height="158" src="https://50emais.com.br/wp-content/uploads/2021/01/logo-50emais-saude2.png" class="image wp-image-61011 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" srcset="https://50emais.com.br/wp-content/uploads/2021/01/logo-50emais-saude2.png 600w, https://50emais.com.br/wp-content/uploads/2021/01/logo-50emais-saude2-300x79.png 300w, https://50emais.com.br/wp-content/uploads/2021/01/logo-50emais-saude2-585x154.png 585w" sizes="(max-width: 600px) 100vw, 600px" />

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/mulheres
Title: <img width="600" height="435" src="https://50emais.com.br/wp-content/uploads/2020/10/mulheres-historicas.jpeg" class="image wp-image-58239 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" srcset="https://50emais.com.br/wp-content/uploads/2020/10/mulheres-historicas.jpeg 600w, https://50emais.com.br/wp-content/uploads/2020/10/mulheres-historicas-300x218.jpeg 300w, https://50emais.com.br/wp-content/uploads/2020/10/mulheres-historicas-585x424.jpeg 585w" sizes="(max-width: 600px) 100vw, 600px" />

Search URL Search Domain Scan URL

URL: https://50emais.com.br/categoria/diario
Title: <img width="600" height="174" src="https://50emais.com.br/wp-content/uploads/2020/10/diario-de-maya.png" class="image wp-image-58029 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" srcset="https://50emais.com.br/wp-content/uploads/2020/10/diario-de-maya.png 600w, https://50emais.com.br/wp-content/uploads/2020/10/diario-de-maya-300x87.png 300w, https://50emais.com.br/wp-content/uploads/2020/10/diario-de-maya-585x170.png 585w" sizes="(max-width: 600px) 100vw, 600px" />

Search URL Search Domain Scan URL

URL: https://50emais.com.br/novo/wp-content/uploads/2020/12/WhatsApp-Image-2020-12-15-at-18.16.52.jpeg
Title: <img width="578" height="309" src="https://50emais.com.br/wp-content/uploads/2020/12/Maya.jpeg" class="image wp-image-60700 attachment-full size-full" alt="" style="max-width: 100%; height: auto;" srcset="https://50emais.com.br/wp-content/uploads/2020/12/Maya.jpeg 578w, https://50emais.com.br/wp-content/uploads/2020/12/Maya-300x160.jpeg 300w" sizes="(max-width: 578px) 100vw, 578px" />

Search URL Search Domain Scan URL

URL: https://50emais.com.br/politica-de-privacidade/
Title: Leia mais

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1637610591554&ns_c=UTF-8&cv=3.5&c8=Home%20-%2050emais&c7=https%3A%2F%2Fwww.controle.50emais.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1637610591554&ns_c=UTF-8&cv=3.5&c8=Home%20-%2050emais&c7=https%3A%2F%2Fwww.controle.50emais.com.br%2F&c9=

Request Chain 127

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=0e98a8a5-2b96-45be-9582-8495d6fe9d95

Request Chain 153

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 169

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 180

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 189

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1

Request Chain 199

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YMrO2EkNM3gfnnqPggAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

Request Chain 201

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1

Request Chain 203

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YMrO2EkNM3gfnnqPggAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

Request Chain 205

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1

Request Chain 209

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YMrO2EkNM3gfnnqPggAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

Request Chain 211

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1

Request Chain 217

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPhwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Request Chain 219

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1

Request Chain 221

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Request Chain 223

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1

Request Chain 227

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPhwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Request Chain 229

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Request Chain 232

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=3543708976642828025

Request Chain 255

https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=50511bbf4b&subid=&uid=65bb2b0bc04727a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1iq1X_SbYcvlN8OF7gOrybGgCbXN-YNX_Ni5q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPQBT9DAohe_XQs_LF1bF0nMF_n5sXTanRtmAzmgj_ppJfHOw1l9BldLZRiE3DVGcCmEn_U3IvTlLS5HbCLng-ewa6gE4R8J6mfzNaGV4aX4xPACncvnjR-j1aNK4tsHV39-NtaNCaqkI3zLqJpvt9_k9QSK6tyZvkVmJGUxi9dpgSy5WmzWXcwZ0jzgYR_cy2aKTnXLFv0eP1Kc14heHA6SnE_HXS4G1AwVuOny9GsKQ-P5AbXNMa47xIcHIRSGny1c7sMX65NqY8OBsolc6h02toVnA2HF8O1oKScMLGHspRt6zm0GqausJcjsqmS6uX1o1l2W78AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoqXuXqHsAYEXQgmrNzA2jSA%26sig%3DAOD64_2wQWlH35o3fYEtDiCnWYxroaBKHg%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CrK7fR_nd6OXuKEFDI8zJpESyyFl46vvv878jLp5tYStMH_ZPYbYYbJkt3uvF-80Erg4YLRcIbFMMZ_Wa1tJMeMH9aVGd-CJu4GvEhVmIz3bM6B9vpFxG1ODAi7GeVDrdSasayXo0jmIOPpINkoRpZQPyHCw%26cry%3D1%26dbm_d%3DAKAmf-DLlCuXfFZ4jDW12hOAboongVo4WPetiJgih8q6RGWIgWg2rTIwIEycBjwssICG5E8akfT_VcHmVHLzeajBYO9FuPxCkm1Wcf5bI_lBiMe_3U8d6tDdSWHX0RyuwXdxlamlqWR2YpIUDNYyDGRbWQsfnV7Q-BHUbAJHl_aaRD9srpvD8a7_crWcenR8Og--J5z5OeP7_XaMwo8VM-3YNQk0lgrPe7yHTR02PAVdvyZQE7URmdzDB3biHeR4QAmFOV35aiJpx5WTd3biwFAjrdbQQkavn1ZImAQanIIqV1z80R1wYWM4vDMt46c_LdF7uvG_gsCGknnL9rR7YK2kXyAST4_6ZecR7S4vfnMWCGYrVEPJJChNAqM2XYKJr4pDiCgXKIpSXMcviRlgQyYnAt7Q43NgzsCHKt1yU50UjGgxihXZVzTSNLdv8q2SLjykscD1NCMc173Ku9Q0n5E7bpMyEHDVvQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9936501349065&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=50511bbf4b&subid=&uid=65bb2b0bc04727a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1iq1X_SbYcvlN8OF7gOrybGgCbXN-YNX_Ni5q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPQBT9DAohe_XQs_LF1bF0nMF_n5sXTanRtmAzmgj_ppJfHOw1l9BldLZRiE3DVGcCmEn_U3IvTlLS5HbCLng-ewa6gE4R8J6mfzNaGV4aX4xPACncvnjR-j1aNK4tsHV39-NtaNCaqkI3zLqJpvt9_k9QSK6tyZvkVmJGUxi9dpgSy5WmzWXcwZ0jzgYR_cy2aKTnXLFv0eP1Kc14heHA6SnE_HXS4G1AwVuOny9GsKQ-P5AbXNMa47xIcHIRSGny1c7sMX65NqY8OBsolc6h02toVnA2HF8O1oKScMLGHspRt6zm0GqausJcjsqmS6uX1o1l2W78AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoqXuXqHsAYEXQgmrNzA2jSA%26sig%3DAOD64_2wQWlH35o3fYEtDiCnWYxroaBKHg%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CrK7fR_nd6OXuKEFDI8zJpESyyFl46vvv878jLp5tYStMH_ZPYbYYbJkt3uvF-80Erg4YLRcIbFMMZ_Wa1tJMeMH9aVGd-CJu4GvEhVmIz3bM6B9vpFxG1ODAi7GeVDrdSasayXo0jmIOPpINkoRpZQPyHCw%26cry%3D1%26dbm_d%3DAKAmf-DLlCuXfFZ4jDW12hOAboongVo4WPetiJgih8q6RGWIgWg2rTIwIEycBjwssICG5E8akfT_VcHmVHLzeajBYO9FuPxCkm1Wcf5bI_lBiMe_3U8d6tDdSWHX0RyuwXdxlamlqWR2YpIUDNYyDGRbWQsfnV7Q-BHUbAJHl_aaRD9srpvD8a7_crWcenR8Og--J5z5OeP7_XaMwo8VM-3YNQk0lgrPe7yHTR02PAVdvyZQE7URmdzDB3biHeR4QAmFOV35aiJpx5WTd3biwFAjrdbQQkavn1ZImAQanIIqV1z80R1wYWM4vDMt46c_LdF7uvG_gsCGknnL9rR7YK2kXyAST4_6ZecR7S4vfnMWCGYrVEPJJChNAqM2XYKJr4pDiCgXKIpSXMcviRlgQyYnAt7Q43NgzsCHKt1yU50UjGgxihXZVzTSNLdv8q2SLjykscD1NCMc173Ku9Q0n5E7bpMyEHDVvQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9936501349065&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 333

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGgKSqQXwQmL0tWiC2T31gk&google_cver=1&google_push=AYg5qPJPyI8ojpbtmOmBl9c1Vlv-R0GeV3j-MYdhIfY3H6_ToFV6Ep3--0Bz1hPKJ59fWsa5RkyR2mOIOKai_JOI6gitr5dPjRBq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPyI8ojpbtmOmBl9c1Vlv-R0GeV3j-MYdhIfY3H6_ToFV6Ep3--0Bz1hPKJ59fWsa5RkyR2mOIOKai_JOI6gitr5dPjRBq&google_hm=NjA2MjQwOTU5MTMwNDIwNDYzMQ%3D%3D

Request Chain 334

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL0cA4GVxGN4FiXH3Ucrxsk&google_cver=1&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwynwZZ-xRY77SCEMqnSErXQmLV1bA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL0cA4GVxGN4FiXH3Ucrxsk&google_cver=1&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwynwZZ-xRY77SCEMqnSErXQmLV1bA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwynwZZ-xRY77SCEMqnSErXQmLV1bA

Request Chain 335

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH6UsaxcHs82wGo_VHfLFXI&google_cver=1&google_push=AYg5qPLB4zWCe1NwZosyeOuilafFRN1R8S6iTDIiL0Nz9RnEdRTbLYsiAUGAyRdm9LQdBneE8kBw_5fGWhsdqFIxI3wjB0JhIvcXfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCMzJDUlYtMU4tMlIwQw==&google_push=AYg5qPLB4zWCe1NwZosyeOuilafFRN1R8S6iTDIiL0Nz9RnEdRTbLYsiAUGAyRdm9LQdBneE8kBw_5fGWhsdqFIxI3wjB0JhIvcXfg

Request Chain 336

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIr1gMR2d-oMtGxrsGsWZ3w&google_cver=1&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooNgf9SwDFLquo HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIr1gMR2d-oMtGxrsGsWZ3w&google_cver=1&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooNgf9SwDFLquo&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooNgf9SwDFLquo&google_hm=7d3532ad3922978cb6f34df3

Request Chain 337

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMxRzyZcg19Ys9-Hn0jnHk0&google_cver=1&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGChXhZMqjMmSwfMxupEmEnnQFafRkrwB6U5zm1a57lsBdKew HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMxRzyZcg19Ys9-Hn0jnHk0&google_cver=1&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGChXhZMqjMmSwfMxupEmEnnQFafRkrwB6U5zm1a57lsBdKew&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMxRzyZcg19Ys9-Hn0jnHk0&google_cver=1&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGChXhZMqjMmSwfMxupEmEnnQFafRkrwB6U5zm1a57lsBdKew&apid=UP5c6c681a-4bcd-11ec-9a64-06ff4103d6f8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1YzZjNjgxYS00YmNkLTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGChXhZMqjMmSwfMxupEmEnnQFafRkrwB6U5zm1a57lsBdKew

Request Chain 340

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBOd1D6iNuHVFDq-xkiDR5k&google_cver=1&google_push=AYg5qPLfdk25ERRiywZ-_KnT7bDyzX3bDsUyXtC2HYCgA20CWMq8bEtiiE0EvZjlXVIq2ezlSA4-NI3FnnTIn0tehhUHGX-vF8wW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4MTI3NDMyNjE0NjcwNjcxOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1

Request Chain 341

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJHZU9vJHSJvvMXsl8fxDyr0I1pE1bit4i684R4Kso0Ed0UE57UtzGo3XCZXW8AnbpvaPPh3dQWGUQKJ7HovIe513HK7hjl&google_gid=CAESEGx2r3zSWhaM4-BF_RvnZAI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp2MFlRQUFCVS1BYmtyLQ&google_push=AYg5qPJHZU9vJHSJvvMXsl8fxDyr0I1pE1bit4i684R4Kso0Ed0UE57UtzGo3XCZXW8AnbpvaPPh3dQWGUQKJ7HovIe513HK7hjl

Request Chain 342

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 343

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOAobKCoRdMrDQR9IUJiKZI&google_cver=1&google_push=AYg5qPJeYDUAJIPu-2x5Vv-AjVJp38_IXIzMDS_elO1_pXcP7aLYBn1Zl6dURqgf7uup5qenp0F5NTfSHMuST2PTorjDkaSPDy1h HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOAobKCoRdMrDQR9IUJiKZI&google_push=AYg5qPJeYDUAJIPu-2x5Vv-AjVJp38_IXIzMDS_elO1_pXcP7aLYBn1Zl6dURqgf7uup5qenp0F5NTfSHMuST2PTorjDkaSPDy1h

Request Chain 344

https://um.simpli.fi/gp_match?google_gid=CAESEKbXoEkgtfeU3hvL0JXEcjQ&google_cver=1&google_push=AYg5qPILG1ZpeQ6SXeI4J5Y1cXoLYHsZbplKKENPiWU0wgtER-MrdbMasdxJyOp4s9FvAvhoy8PuuknFoYYB-hY12J1zX9VahXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B7CB414A934473899657D93AD72D041&google_push=AYg5qPILG1ZpeQ6SXeI4J5Y1cXoLYHsZbplKKENPiWU0wgtER-MrdbMasdxJyOp4s9FvAvhoy8PuuknFoYYB-hY12J1zX9VahXg

Request Chain 346

https://onetag-sys.com/sync/i,19/?google_gid=CAESENr72ABQXU95URwzEHrVKiY&google_cver=1&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Request Chain 354

https://um.simpli.fi/gp_match?google_gid=CAESEKbXoEkgtfeU3hvL0JXEcjQ&google_cver=1&google_push=AYg5qPKgHCJW6Y6AmOyPgkjgGaEouQWN1jR9NhzVmCxECQWrXCeicNo7x4l53u7dU_DWd0DXiVO7r2nHdq3Dg6M900QAOOPlLcT2HQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1B9DFA235640482C98A707F76EC69423&google_push=AYg5qPKgHCJW6Y6AmOyPgkjgGaEouQWN1jR9NhzVmCxECQWrXCeicNo7x4l53u7dU_DWd0DXiVO7r2nHdq3Dg6M900QAOOPlLcT2HQ

Request Chain 356

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGgKSqQXwQmL0tWiC2T31gk&google_cver=1&google_push=AYg5qPK0VhAMqNLE-9QHlPLRuTMaNX9LLXcQ8lEsFJyhI6iWi1aNrGA0kvA31Aa1MkSmMezxAAIH5BjENV6lD5FjUwVALr-2PYUA1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0VhAMqNLE-9QHlPLRuTMaNX9LLXcQ8lEsFJyhI6iWi1aNrGA0kvA31Aa1MkSmMezxAAIH5BjENV6lD5FjUwVALr-2PYUA1g&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D

Request Chain 357

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAxAY2KPe-HlVTm-Xc_cB_A&google_cver=1&google_push=AYg5qPLfpzg80vcEMzbwNdZIz6DuLei9N9y0L4MnEtJdnK67NCzQkxDSQYvaWBVvQOFGRjSyRqfKlRkZTuVOP50sxWWdXSd_EUM6JA HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-06f335ca-9643-4c6b-b7f9-0c151262584c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLfpzg80vcEMzbwNdZIz6DuLei9N9y0L4MnEtJdnK67NCzQkxDSQYvaWBVvQOFGRjSyRqfKlRkZTuVOP50sxWWdXSd_EUM6JA%26google_hm%3DAwbzNcqWQ0xrt_kMFRJiWEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfpzg80vcEMzbwNdZIz6DuLei9N9y0L4MnEtJdnK67NCzQkxDSQYvaWBVvQOFGRjSyRqfKlRkZTuVOP50sxWWdXSd_EUM6JA&google_hm=AwbzNcqWQ0xrt_kMFRJiWEw

Request Chain 358

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMv5f_P_SQaGMVCXFfZLiXY&google_cver=1&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7g7fbMVdjugE_sn4uKNDd0OZotfZBx8eVGoy2Sxa35ot4jE HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMv5f_P_SQaGMVCXFfZLiXY&google_cver=1&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7g7fbMVdjugE_sn4uKNDd0OZotfZBx8eVGoy2Sxa35ot4jE&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hekJzV1ZoRTJ1RjZuVHF4VnZDdnNnVzlzMDB4U09HWn5B&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7g7fbMVdjugE_sn4uKNDd0OZotfZBx8eVGoy2Sxa35ot4jE

Request Chain 360

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOUYWcTLeBcDt_2H3xSTLw0&google_cver=1&google_push=AYg5qPLhBwqefNV-r6pv1LBM5B7rHAtceVzU0nzREvXVFX6OQldbBUsxHc50N2lF_vHFRWXetSjKIV_rM3WyXS2oZ07_i5tvldkdZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhBwqefNV-r6pv1LBM5B7rHAtceVzU0nzREvXVFX6OQldbBUsxHc50N2lF_vHFRWXetSjKIV_rM3WyXS2oZ07_i5tvldkdZQ

Request Chain 361

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 362

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEt4T1YjbA6gB620kk5sSaw&google_cver=1&google_push=AYg5qPIReA0NfwNUhMgrsEK65dQVSSSyM82fdMYbJ9lnsHzDTstnzuZb0hOWePUtYhGQImjtMTzH7YmVJBGZbHi8VbYLSaCO3Gyv2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIReA0NfwNUhMgrsEK65dQVSSSyM82fdMYbJ9lnsHzDTstnzuZb0hOWePUtYhGQImjtMTzH7YmVJBGZbHi8VbYLSaCO3Gyv2w&google_hm=lNNsOsDHT9KgmgJYzs7W6go

Request Chain 363

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL0cA4GVxGN4FiXH3Ucrxsk&google_cver=1&google_push=AYg5qPISHEXASYJcnqNag1_TEzU_Th6HUKZPO3aoNDSGEXrz-992baFnpmt-u2AKj2UdeZvGNdF5M80xAZWG9L_ZPFuQMpnYlN_a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPISHEXASYJcnqNag1_TEzU_Th6HUKZPO3aoNDSGEXrz-992baFnpmt-u2AKj2UdeZvGNdF5M80xAZWG9L_ZPFuQMpnYlN_a

Request Chain 364

https://rtb.openx.net/sync/dds?google_gid=CAESEAkwh8Pz1RmFAuJIu9OBgLU&google_cver=1&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwzA HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEAkwh8Pz1RmFAuJIu9OBgLU&google_cver=1&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwzA&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwzA&google_hm=G6G7DvQ_yKYKWrGRO6fwFA==

Request Chain 365

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDHFsiQLUuAouObPdfg3Vnc&google_cver=1&google_push=AYg5qPIbleX7LJrNeAcKv2jhVMjUaXRUpfFWbLEuB3nWf9ms0q_AITAX68-zIBx3G4WZEDszUVBFHTT_0mwJpj9T8sthWx2C3VpMCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIbleX7LJrNeAcKv2jhVMjUaXRUpfFWbLEuB3nWf9ms0q_AITAX68-zIBx3G4WZEDszUVBFHTT_0mwJpj9T8sthWx2C3VpMCA

Request Chain 366

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE7PK5uv_iwA2xDzuSHaMd8&google_cver=1&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2OpibzZp7RfpsvXGZnVahcLKTvP0cyTByuoB4kgg7WUw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2OpibzZp7RfpsvXGZnVahcLKTvP0cyTByuoB4kgg7WUw&google_gid=CAESEE7PK5uv_iwA2xDzuSHaMd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2OpibzZp7RfpsvXGZnVahcLKTvP0cyTByuoB4kgg7WUw

Request Chain 377

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 378

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

Request Chain 379

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Request Chain 380

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Request Chain 385

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931

Request Chain 392

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982

Request Chain 399

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=22675ca7-831e-4502-9479-219d365aee46&dongle=0cfd

Request Chain 400

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFzVou2VAk0dnGUs_5cH3XI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 401

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D

Request Chain 403

https://pr-bh.ybp.yahoo.com/sync/triplelift/13626804120658146823?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-R99C4n1E2oQ1DCxStT6oUCmtCN8j.YcUHXTtjyIxxA--~A&dongle=0883

Request Chain 404

https://x.bidswitch.net/sync?ssp=triplelift&user_id=13626804120658146823&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=13626804120658146823&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=3056486475530267447&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=066e7bdc-27ce-4994-b0d5-32e928c4baf0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 406

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=13626804120658146823 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13626804120658146823&dcc=t

Request Chain 407

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

Request Chain 408

https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=2381274326146706719&dongle=d407

Request Chain 420

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBOd1D6iNuHVFDq-xkiDR5k&google_cver=1&google_push=AYg5qPKBqYXQt-jhFtZOBUzGq-dkXFWrI1gQDyZ0yTj5rqqguVbugXQl0BBt8yjy7tlopvXIhtwUX_adSM8KGtSLK-14VjebKxA0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4MTI3NDMyNjE0NjcwNjcxOQ==&gdpr=0&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1

Request Chain 422

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEt4T1YjbA6gB620kk5sSaw&google_cver=1&google_push=AYg5qPJxS7bokN-AiHRIEUIPyMMM_jC4pnRkAqnnY7K6bSGiQOWQ_h2V25CRKXgd6M8MM9MUf7TrpmPXYFUD-8kHaLIdvHC9EOE-XQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJxS7bokN-AiHRIEUIPyMMM_jC4pnRkAqnnY7K6bSGiQOWQ_h2V25CRKXgd6M8MM9MUf7TrpmPXYFUD-8kHaLIdvHC9EOE-XQ&google_hm=lNNsOsDHT9KgmgJYzs7W6go

Request Chain 423

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJMCF14hs9a6BbO-qLwe0vg&google_cver=1&google_push=AYg5qPIwv6mIH3h41y8Yryv0mLr391TxdSS72-xndargKcVNERwvfFjYaH6NT0MvhhWFkqehospVKRzBg1YhxZKxkYG11yVdYZS- HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIwv6mIH3h41y8Yryv0mLr391TxdSS72-xndargKcVNERwvfFjYaH6NT0MvhhWFkqehospVKRzBg1YhxZKxkYG11yVdYZS-&google_hm=hmGb9GGl9IBZCYY7XA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D619BF461A5F4805909863B5CBLIS

Request Chain 424

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELKMw75CCITErcSwgvMJdUE&google_cver=1&google_push=AYg5qPKHwxGz4MnkeeF2Trl7XofvQtmRBpvJHOLLMIjXYJN8QNHccJ4031aUWkSf2bevlp94vY7-lygEQzdh9Ym3g_36-rsEcH8MWA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHwxGz4MnkeeF2Trl7XofvQtmRBpvJHOLLMIjXYJN8QNHccJ4031aUWkSf2bevlp94vY7-lygEQzdh9Ym3g_36-rsEcH8MWA&google_hm=Bm573CfOSZSw1TLpKMS68A==

Request Chain 425

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE7PK5uv_iwA2xDzuSHaMd8&google_cver=1&google_push=AYg5qPLo5HOhT5cnHJelmOKUR2ZXDMaj2crNkgsYRqK1r3NwAVK1Qxs2259R-YSiXZtlVok-Lfsyef1ZxfOkQNlU7SPmAkTtiuhggA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLo5HOhT5cnHJelmOKUR2ZXDMaj2crNkgsYRqK1r3NwAVK1Qxs2259R-YSiXZtlVok-Lfsyef1ZxfOkQNlU7SPmAkTtiuhggA

Request Chain 429

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&google_cver=1&google_push=AYg5qPIb_l65-YKWMiKR6y4Xqk5vDVvcOJTaW34rIMxDID02xnMcnnu71tdiD-4DqexzcBUXDmf5lldCh1q853j4hSOchr0HvmiqWg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&google_cver=1&google_push=AYg5qPIb_l65-YKWMiKR6y4Xqk5vDVvcOJTaW34rIMxDID02xnMcnnu71tdiD-4DqexzcBUXDmf5lldCh1q853j4hSOchr0HvmiqWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&google_cver=1&google_push=AYg5qPIb_l65-YKWMiKR6y4Xqk5vDVvcOJTaW34rIMxDID02xnMcnnu71tdiD-4DqexzcBUXDmf5lldCh1q853j4hSOchr0HvmiqWg

Request Chain 431

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEt4T1YjbA6gB620kk5sSaw&google_cver=1&google_push=AYg5qPL249DywhZgNxO_3ef3TZ5CMj4w0Gsp0ydm1W4GaXrciBmFu-mpH8Cvz7MGb8VRt_d_QZjl9bipYgjgKFI_lnGk_G85wBtzhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL249DywhZgNxO_3ef3TZ5CMj4w0Gsp0ydm1W4GaXrciBmFu-mpH8Cvz7MGb8VRt_d_QZjl9bipYgjgKFI_lnGk_G85wBtzhg&google_hm=lNNsOsDHT9KgmgJYzs7W6go

Request Chain 432

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK-tDPbvwud_Rw8T3kBT16o&google_cver=1&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZJxq_-5wfcBBudJJLYcDDAol1d1e_GRzUXlu5nh9 HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK-tDPbvwud_Rw8T3kBT16o&google_cver=1&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZJxq_-5wfcBBudJJLYcDDAol1d1e_GRzUXlu5nh9&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=P0tsWESiaGE1fCqLI-f73g&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZJxq_-5wfcBBudJJLYcDDAol1d1e_GRzUXlu5nh9

Request Chain 433

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELKMw75CCITErcSwgvMJdUE&google_cver=1&google_push=AYg5qPIjnfbT-pJZemwc2vzugQDFezvpPnhYAWA4J4nGEWSDMwY4P-kjwbvNkr7v6UaJGCSCX4vkgzRdRTik1j4DiTsf1aY2ZvMCpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIjnfbT-pJZemwc2vzugQDFezvpPnhYAWA4J4nGEWSDMwY4P-kjwbvNkr7v6UaJGCSCX4vkgzRdRTik1j4DiTsf1aY2ZvMCpw&google_hm=Bm573CfOSZSw1TLpKMS68A==

Request Chain 434

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGgKSqQXwQmL0tWiC2T31gk&google_cver=1&google_push=AYg5qPLuOLcuqX-m9bsz8lz8LI4iHbZ8zzN5_JRArnw54pXb1Ql9tAxTg1jEj6aYIdAO5Lyj6cF2nG6V24B84e9-s5byO7RQAVhaPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuOLcuqX-m9bsz8lz8LI4iHbZ8zzN5_JRArnw54pXb1Ql9tAxTg1jEj6aYIdAO5Lyj6cF2nG6V24B84e9-s5byO7RQAVhaPA&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D

Request Chain 438

https://ad3.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9178980729899&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad3.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9178980729899&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 440

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=24479700155119200383828011786003&gdpr=&gdpr_consent= HTTP 302
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1637610594_&cachebuster=1637610594&awv=11430_473322_1637610594_5ced30b3-4bcd-11ec-9d39-2236c0dc0c5d&gdpr=&gdpr_consent= HTTP 301
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTIwMDQ5OTQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2Mzc2MTA1OTRfNWNlZDMwYjMtNGJjZC0xMWVjLTlkMzktMjIzNmMwZGMwYzVkOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
https://tracking.mlsat02.de/onepixel.gif

Request Chain 444

https://sync.adtelligent.com/csync?t=p&ep=0&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dadtelligent%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7Buid%7D HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=406809d7cf964f80

Request Chain 445

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad3.ad-srv.net%2Fc%2Fcmvj7c148qmq1w5%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad3.ad-srv.net%2Fc%2Fcmvj7c148qmq1w5%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Request Chain 449

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPqA68jgWhAmnK-DWee0u2g&google_cver=1&google_push=AYg5qPLeHd_nH4JJLAX8nTot1u_Bh3Zk-G79aJLNwPuLTo5b2fVL8fIHRCCPIODBnI4LUozaJVFCfk_FrFVxsnz73JwRkST8UJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESEPqA68jgWhAmnK-DWee0u2g&google_cver=1&google_push=AYg5qPLeHd_nH4JJLAX8nTot1u_Bh3Zk-G79aJLNwPuLTo5b2fVL8fIHRCCPIODBnI4LUozaJVFCfk_FrFVxsnz73JwRkST8UJA

Request Chain 451

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEngho91L3PDlX25j0a_QTY&google_cver=1&google_push=AYg5qPLKtLEhfGBauODYahG6PHe8xKI8oK0CKolju91oiC4RPYkLHfAXwNxZA4YiMjfRIf1eRVlxphU7_xU6114VY5h9wR842d0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLKtLEhfGBauODYahG6PHe8xKI8oK0CKolju91oiC4RPYkLHfAXwNxZA4YiMjfRIf1eRVlxphU7_xU6114VY5h9wR842d0&google_hm=hmGb9GGl9IBZCYY7XA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D619BF461A5F4805909863B5CBLIS

Request Chain 452

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFV6t_RZIcms-lFzUE0l5Hs&google_cver=1&google_push=AYg5qPJoxVP9EFI17T6Cj5uuwabwVRaTlj4j3cyWXqdhZrVRbjpIXo25lhL9XFxBVnd7Ls9roU2kFePSlW8zIQ8F1EW3nhzMbjM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJoxVP9EFI17T6Cj5uuwabwVRaTlj4j3cyWXqdhZrVRbjpIXo25lhL9XFxBVnd7Ls9roU2kFePSlW8zIQ8F1EW3nhzMbjM&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D

Request Chain 453

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENn57ToEMvcFMx0JH4C37rs&google_cver=1&google_push=AYg5qPJf_VPjPMXEH2xFlIknfnPUzHUPamjIQeVnhbp2ma7aDDswq9aFHESZEOALTygEOZQB9Dew3xGJYJ3VG8Tkcw7BCumYPsk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPJf_VPjPMXEH2xFlIknfnPUzHUPamjIQeVnhbp2ma7aDDswq9aFHESZEOALTygEOZQB9Dew3xGJYJ3VG8Tkcw7BCumYPsk

Request Chain 484

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&domain=www.controle.50emais.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=abEKK3xCbmtXU0l5aU1OK2M2eE5zRVplSWozWkYydFdzWTRSNld5NXNxQTZTS1djTlE4UnlraURZWHczQ3lOSUdlRTcyRVBuTDhFQjFaUjN3dk51Z1JicTQxNlNodFZ1MkQ4SXIyQk4zeXgzU2NpM0Zpc3dFQk4wK3NrTThaa0ZzeWtWcWplZzhyRitxVzdqNFdITWltdTlObjBza1MwQWZaS0cxUktSNlV3ZGF6OEpSeG0yWDd2a3pNeFVaUHI5cmIzMUZIcldlQmhPbTVIcU5zMDB6enJPUktQUjZvWU9XZFQ2aU9PQUhhbVRrVGJkenZRNGk5NkVkSlg3MWc0UDRhajJrfA&cppv=2

Request Chain 497

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67618684796 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=67618684796&google_gid=CAESEKCWsXaLPtgKTlLXgz5AxR4&google_cver=1

Request Chain 498

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=6652619b-f461-4800-ba27-53f5a8dd372f

519 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.controle.50emais.com.br/ 179 KB
28 KB 3497ms
3051ms Document
text/html 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: e1950a73728c86ec63ab09d052e4feddf23b142ca571538c881a0d4b59f2f2e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.2
date: Mon, 22 Nov 2021 19:49:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
cf-edge-cache: cache,platform=wordpress
link: <https://controle.50emais.com.br/wp-json/>; rel="https://api.w.org/" <https://controle.50emais.com.br/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://50emais.com.br/>; rel=shortlink
content-encoding: gzip

GET
H2 200 style.min.css
controle.50emais.com.br/wp-includes/css/dist/block-library/ 79 KB
10 KB 226ms
212ms Stylesheet
text/css 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 13:26:49 GMT
server: nginx/1.20.2
etag: W/"6155bb19-13abe"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 styles.css
50emais.com.br/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 241ms
184ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Oct 2021 18:37:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXbEPFc9RPnoTusP4UCJ6T78hQ19fo7Zpcz%2BHZyl%2Bx1myx6%2BWd2Sx1N25se9Kcy8KTpqXmYZgokBc1%2BGuuCxfld2QHEHMW7S9CYdUkybb%2B1Li%2FQeia7gAOYovodhrVXuLdMUZ1agqTmU636s3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec3ced0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400&display=swap&ver=5.8.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8b814cefc8fe9d1ea891eba850f93f66a1332b8f754b30334dff1018a5fcefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.controle.50emais.com.br/
Origin: https://www.controle.50emais.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 18:16:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 19:49:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 frontend.min.css
50emais.com.br/wp-content/plugins/wp-user-avatar/assets/css/ 68 KB
11 KB 300ms
243ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.3

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6acde1a483c1cfd05ef515b8a74523c2aa0c12e16d8ce04ae32275731d8782

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 13:11:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuWMIWrXNGRxVrdAaz1BhdJct5IExlkqAQ0JgkY3OJjEeng9gif2UqGndekLKl62XYwhzZ4mrz694tG7alkonEGpgLuGetzsNnr7RmgQ595flkMSCXqPseMz4LBHZwaxUIsbfFHyoX3NJDxHLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d290f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 flatpickr.min.css
50emais.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 16 KB
3 KB 287ms
230ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.3

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 13:11:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LjVP0D5roWlXcDPSFzrSN5mghUwMgzHWsloobKpL4NOQUlpaicQwT3%2Bt5naKIXBy3mM5AFYNPsMqZ%2BiJthHLA77rF2LeeSgIu80J6S7fhB%2Bzr%2FKNe%2FyxqyuZK5jTkVQbiRM%2Bjppy5F8vQ9Bjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d330f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 select2.min.css
50emais.com.br/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 298ms
242ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.8.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 13:11:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsVt%2BmXIOh4Lwdj%2B%2BcvyC1I3HiIvzmD%2FlN8Dgd%2FA7E5b2KEJRIriiVnyzsPCWqkwLipDm13GYiBxcatCn%2B1jZj5aQhNosRT3ukycP%2FnoyA2e6y83iS4gyj%2FOXgcuQz05%2BqcsB%2FJDjCbIwGQYIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec4cf30f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 45 KB
2 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

150269bbd0cd126b0e1a7d571ac5d6f264b390273da09c0f369704419994890a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 19:49:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 19:49:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 style.css
50emais.com.br/wp-content/themes/soledad/ 752 KB
98 KB 300ms
244ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/style.css?ver=7.5.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c6df64cde46715891f7900a9a6487029160da0b392494f0a1bbd2ef4e86ebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 May 2021 23:05:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nX8Hl3i5xwQe0SKwp1VNZoJpvft8cuRN40RYMbibQ3gHbR1PXys37%2BLC4mp%2BXaApWI%2Bgy6%2Fx0yaoYYZfrJpD%2FbrW2daZ%2BmRyVLxLZcdPAZoJl1UqDXf8n%2F9rCbR9xsxduPqqJrXS8almxQL9nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec4cef0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 font-awesome.4.7.0.min.css
50emais.com.br/wp-content/themes/soledad/css/ 30 KB
7 KB 262ms
207ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/css/font-awesome.4.7.0.min.css?ver=4.7.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91644b2e470f05d7821bf618fd4f0613fd574db3e5cb031c30857681c0a1d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Xo4%2FEg4D0g5gviOceS3jiG%2BUUoMomSo8tWWbd0mN%2BHMPJe3rS9PdfykTjmbOU4BBA4ub6xKs00PbuM1eJLKYKAOYLlt3cfbk1AKle3s%2Bv%2B8Y1ArLzmcVG0Om9WpYxkWbppC1b7Idhy%2BadlR8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec4cf00f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 iconmoon.css
50emais.com.br/wp-content/themes/soledad/css/ 2 KB
874 B 336ms
281ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/css/iconmoon.css?ver=1.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a63a0c2726eeb57c9dd5148a9873f7c21462b40bce95a1afd904941deef06e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2ipk8%2FiR0%2FlkE%2BhLnlo%2F%2FtUqNJKNCg3TX6dcWM6OpFCN%2BafMUWgNMhAmV9hKDy4CnKJePbfGUDZK9sSQ1bdvIbiXvLsvT4BpZ4BVpBs%2FWn9jsWGalQXvMyHwBqQlcVmgoXPgfYLIxo5pmtaew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d370f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 weather-icon.css
50emais.com.br/wp-content/themes/soledad/css/ 1 KB
736 B 287ms
232ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/css/weather-icon.css?ver=2.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f8438740774b880cb7c84ee95ca74f6be640ffaa5312360bb16c855d6118ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnyehUeo3So96r6bvcdZlfthYSkYP8a1fUI%2BizJLW2q%2Blnmn4e9afnPiex3%2B2C0%2BOTSq7x0k9QuAB2fUIeosYxlBrwrmf3vAaOMNaZRzxa6uQ0jWgMwhmBPSq6fGRy6rFUBYfU%2BsP3VctJUb1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d350f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 elementor-icons.min.css
50emais.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/ 18 KB
4 KB 332ms
278ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a442e1bc1180697fefe701f9b67b9cf4d819e2837bdb43898a2db6ef8e8262

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPbBn60ypheO0ksTrgd2v5hrhZEIxQpBSg9Aj%2Fww59wW0m16N6Od11BwpmiWicu1FsM3hDNAFX0yzLlE%2FdAxgqsOrVAFTvPsq2TvwvJ0ZFMrkWfZwi%2BnuPmXNJonez9AU1AuG9JYUvQgxGW76Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec4cf70f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 frontend-legacy.min.css
50emais.com.br/wp-content/plugins/elementor/assets/css/ 4 KB
764 B 336ms
282ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

872089c45f5e10cfb40af5ed4b0e6659fd512dbfd043f1f44e6700f5ec021e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OtpcfGSObUHuif2vNBizbaSPxi7GYrvwAwyw37S2bzfq%2B3Si58HEUX%2FPudexDKxUMbd6lIofMawehT54omuCadA46HIciio4GQG8BUf7npKioXCYJuoEoYKRqvkrGKZIP9SXi0jUkl0ffBasQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d250f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 frontend.min.css
50emais.com.br/wp-content/plugins/elementor/assets/css/ 128 KB
18 KB 361ms
306ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

207192180585ca9d319fa5e390cba4b97303a8f3ecbd5d2b6a2f1cf0c44da141

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FwC8jeSzyh6e9oMQ%2FxcsnXmoYfXcGVVb71b2jvOeU65K0dvBGTNVipXltF%2F87c6nitHSBHyRetMpnjnV%2BiX51HLhMOB23137YkfQoojKkXg5gUmPg8WFLYjpSxza8OxUMzJB2zyfaELgbShSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec4cf80f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 post-65547.css
50emais.com.br/wp-content/uploads/elementor/css/ 950 B
599 B 285ms
231ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/uploads/elementor/css/post-65547.css?ver=1637085691

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3112f4b43b2c04ae1618d959628485ab4506420f8a0b468c906a949122ac8502

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 18:01:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug3FpHfXohsAR2%2FdSCcpBTWmnHZhVyi6NBUg5qOKnMfiyFxPnGodJpc2hlyuEIU4SPwCYLcKSK%2BqR7DxAX8AWpV6kOTrjOb3%2BKNdKJ0nTFwsCil4Aqa0%2BUPSyGBoQj%2B5u%2BoEIVnXgvi0hf8dEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d280f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 global.css
50emais.com.br/wp-content/uploads/elementor/css/ 9 KB
1 KB 364ms
310ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/uploads/elementor/css/global.css?ver=1637085691

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2539afa510b0aea243beb4b659728c1df3f6150f18021918ac3086757fa3700d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Nov 2021 18:01:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kztnRrufN0Y%2BsbnuXUBw0h4C%2BSrp2WuiFXuaaCeSptqw7D%2FBldCC1qMLZl%2Bp5WzmPgQvVVcva8%2BaVoD6nHWvV%2F%2Fyfna1bWlog1jGJZegdDSG6ULYYfcVQgemNx%2BCqdtBzv2OxWzE%2BVpu4xJi8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d2e0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 post-6.css
50emais.com.br/wp-content/uploads/elementor/css/ 27 KB
2 KB 255ms
201ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/uploads/elementor/css/post-6.css?ver=1637085691

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

968c2095067b9296d893fc128325973595d38b56d6789cec88ab1f8eb20253bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 18:01:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IO1iU4IVHVGjPfcCda8xWV%2FfNAqy%2FNm2%2FSXZpJuZ7TrssiB5jLUqjUhrUfbTFdMEI8YxuM1IAZQuqwCzwFAtJDRAahPTIT648wnmsAkULJilGZ6c%2FvlP3PyYX3zzXEIuk2n%2BZ9j9Jx9CB%2BPfXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d2c0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 recipe.css
50emais.com.br/wp-content/plugins/penci-recipe/css/ 22 KB
4 KB 741ms
687ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/penci-recipe/css/recipe.css?ver=2.6

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8222df6ecc03f3daa69b935819c36beb91e12ccad6f0346c435167e3de224d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:19:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbGzyRs%2FKpOYqIac3Dt0lP7Y1ShftggXshH6IYgkOaOYIb71xuC0aP12XSHAFhWgiE7XNU2VAyM0LNpy9nkHx9nxaw33MgX5kWpCLfyUrMYik1TShuBPaWp3qhSU7ZgEkxU6jybuzlhd%2FSNqqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec4cfd0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 ytprefs.min.css
50emais.com.br/wp-content/plugins/youtube-embed-plus/styles/ 8 KB
2 KB 321ms
268ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.0.1.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6fb394ee0ca825d246e96f55680f2c732a677e8720d4d02bf2bc2ae256c58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 02:00:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHHo7MgYTqFdyq99bsvp3IFxkMXJcYNRHEPTSeL14txpd2px1V4YlOlPYZvmUhfC8XN1nMvUfISRkGacFf4YUQEwQwxGLWvokzORSatDa8CsQFrCZQ8qp9smRT%2FPU27lMXBt7vXZTbe9pAZF0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec4cfa0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 71 KB
2 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2f5827f37602f0ada4640790bc6387b4facf76dfa80fc69307d5666588f70df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.controle.50emais.com.br/
Origin: https://www.controle.50emais.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 19:27:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 19:49:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 jquery.min.js Show response
controle.50emais.com.br/wp-includes/js/jquery/ 87 KB
30 KB 393ms
384ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 13:26:49 GMT
server: nginx/1.20.2
etag: W/"6155bb19-15db1"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
controle.50emais.com.br/wp-includes/js/jquery/ 11 KB
4 KB 392ms
384ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx/1.20.2
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 flatpickr.min.js Show response
50emais.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
15 KB 294ms
243ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.8.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 13:11:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6mdDVozZrcy2KItKwopqGLGtYTHWdLU3tvCpP0aJI6CCJQeLVLt0j3X%2BewEUgWx6C77Zcx0aX0q84lsGXCxfMn8nVsAuPrbl4Z7KBGHXcpCP50ktAOTLAOWvyFnSnbgCBXLye%2FqDjbg03JP4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d390f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 select2.min.js Show response
50emais.com.br/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 293ms
241ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.8.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 13:11:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laA35ra0ZRodlkSgJVO%2FCcEm06dRoH4iwUsDe3aZjkVAAVSRs0CqXKKIMuDeSB1S7ysYYHjpCQqwQsQ4k%2BDpX5yX15yQJfwQuJG8EZTBGUy3HFxQSbk8ovkJob%2B5ZvZQ2QBTbFqy5q%2FdxYTO%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d3d0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 ytprefs.min.js Show response
50emais.com.br/wp-content/plugins/youtube-embed-plus/scripts/ 11 KB
4 KB 347ms
296ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.0.1.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc029d31969917dcf55ad0a2c9f8aeeb87b077892905e30a6d857c102c7be1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 02:00:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoXd7X8ZixvnESLXSprur4MZbqG%2FvL6wyxzruMSUYaUzeIYN2i4YfVzxct5AJuxTcb2O3IQNq47SdfT1d15%2BxAP%2FSJVQM1aRXG%2FSKqhWjGJH7B%2BLiDEPe2P%2BrhVdLw6wJzVJo8PfebySokBVMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeec5d3e0f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 wp-emoji-release.min.js Show response
controle.50emais.com.br/wp-includes/js/ 18 KB
5 KB 217ms
213ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 13:26:49 GMT
server: nginx/1.20.2
etag: W/"6155bb19-4705"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 21 KB
8 KB 67ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac16fc5f13f63940f69a759a66af2e058a6a109d41327670f47f63bd9bacadb6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6800
x-xss-protection: 0
server: sffe
date: Mon, 22 Nov 2021 19:49:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "2706e266b5cdfc10"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H3 200 penci-holder.png
50emais.com.br/wp-content/themes/soledad/images/ 125 B
744 B 226ms
223ms Image
image/png 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/themes/soledad/images/penci-holder.png

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 125
last-modified: Sun, 06 Dec 2020 16:16:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pStCCBG4BrgkmySDle5yQtTU%2FcH6g4flyg5CE9KDxAgdIOzs6Yrwceiov3rIRlZLTyDSi10%2BOb9%2F0CbJTDNqSr0i1panqp90Z5murf5R2XxzQlUANKeLlBMfvN3FsVU8W6V7Qdnmz0fIpdrgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef0b8a0d618-MXP
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 67ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d49db392852eb7dd4c29a1d5d7b82f1ea281341982de3534030b92c0923c2b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51182
x-xss-protection: 0
server: cafe
etag: 13693609607954905816
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 bb4ee533-4177-468d-d929-08d96bc49622 Show response
tags.premiumads.com.br/dfp/ 122 KB
37 KB 137ms
42ms Script
text/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/bb4ee533-4177-468d-d929-08d96bc49622

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

73d3a11f2393493713e9a9e44601bc3951e581de3c428d9cfe40c580e32e3f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15775
x-powered-by: ASP.NET
last-modified: Mon, 22 Nov 2021 15:26:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQ2Yr4yH7VrmRgCN04Lhpymr3TeIquQ7tRwhLcRzj%2FXBhsFPFH10Bo6tiTDU1xkdedJeKf6F4hmRGHWUd%2FJ48S7B%2BVqaFWynD8kfllPiHd5I7K%2FbBEIOVt2d9JSPLCYNPijsQxqRCJJE86Wd%2FUDRmIDdXFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 6b24aef15f9859c5-MXP
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
62 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P0BMD5VBL0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77af300b4280b2bec96a45a88fff537447cfa36f16e74a9e44e1a03ec4bf7b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62637
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 36ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35328918-1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1deab5f4e6d851e602f8c57761ace15a166d43fc6a2aecb587719499f58146c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37072
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 animations.min.css
50emais.com.br/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 264ms
263ms Stylesheet
text/css 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbEOIdyAKAmE2v7aT%2BVPq8w1RiAgr8ctzkshcpZqBZd%2Bai94ew%2FHRPx1iBIU7g2Tq2BtB2fNvi22UWl4YVfpm6Wekq9VBvKf15FJMMRAgBs%2FynVt63rgtuF07yLrEzOwQ8ECSIz5nzllG5APkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aeeeabe60f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 regenerator-runtime.min.js Show response
controle.50emais.com.br/wp-includes/js/dist/vendor/ 6 KB
2 KB 210ms
210ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 13:26:49 GMT
server: nginx/1.20.2
etag: W/"6155bb19-1906"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
controle.50emais.com.br/wp-includes/js/dist/vendor/ 16 KB
6 KB 211ms
210ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 13:26:49 GMT
server: nginx/1.20.2
etag: W/"6155bb19-4056"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 index.js Show response
50emais.com.br/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 194ms
193ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Oct 2021 18:37:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LmwQvO2XPp0G8t28Mj5t%2FcrxamACoW9VoT%2BrW8LsTh3I1xOLb3sFcEHYjE6kxCpXGPX4ttHi6Ysf68tz0Sx7ugSXsGd5eZ1F5BB93twpuTV0YOzPCgannBU2AfXMSqOWJH1B4n%2FU1T7J16LBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b807d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 jquery.easypiechart.min.js Show response
50emais.com.br/wp-content/plugins/penci-review/js/ 4 KB
2 KB 200ms
198ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:19:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngDjvO1IMsnSl21CJEl7ZIMGxRW8F2j8clpEU1lY6fFO%2BWZIaS3BPT6Eo%2FaiUJ3R1BkUQdOtr4S46UlPm0SM%2FgqYFl2ydgFwEfB8Z%2FWmO33HS3NWgRCVIjgVRhaTo3THGzcXcZaXAubYVoKsCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b80ad618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 review.js Show response
50emais.com.br/wp-content/plugins/penci-review/js/ 790 B
972 B 196ms
192ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/penci-review/js/review.js?ver=1.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

528ed787a4bd37642413945a1622bcfb77860d14711673fd1bf06346d870052b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:19:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBCeW%2FHWbfLbszW3ardj6W7R%2FsldepoX5NKnR6ZGTjy4Q464DkR2RQ9qMX4kyOk62CY6xRrjEfYl5A%2FMSNDFtY1YVh7H7zhKpsr%2B%2BBaafXlxw5DS1MgHgBontsLsXzDDiIvJe0ReP3O9yrkXvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b827d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 frontend.min.js Show response
50emais.com.br/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
3 KB 229ms
225ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.3

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 13:11:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKUVuwDDOtCHnEn9wXDu%2By28HFXqCVvJC53%2BJvuoMmPjqeN4XG8ciRjtt3y59S7naxpDFdKIKYJDOi9qMp0V%2BLXZh%2FB6tpXt%2B9V2HjvzQ7K17r95Rlef%2FDWzGPWqwn1h%2FC1DhcR1Cu68gIltZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b82ad618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 smush-lazy-load.min.js Show response
50emais.com.br/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 207ms
203ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.8.5

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f367d720fec23438ef17e4a32c05129ed2e6dd5163167c9dd0787ea1f62de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 11:50:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijm5ebtoYMtQtVM64VLmd7Icb6xELgKG2JcjRqGHiRrmNNJCf6%2FDVrdCK5SnJZPwpExWFnzdJO4qoQ8pArXm0sKUMCZQ%2BCbKh78Vw%2F2RGqu%2BnFx1WqNrkQCJL53b6c4%2FzNfFBYQ8417IBiGRfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b82dd618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 libs-script.min.js Show response
50emais.com.br/wp-content/themes/soledad/js/ 170 KB
49 KB 263ms
258ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/js/libs-script.min.js?ver=7.5.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c9c8274dda2ffa74dc3442714fbf84b3f45c4394eb7e71c20acb5195401e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUMBldI1mqZRnq0dpVAxdwfpPaFxxHmNN8caPysDWw%2FkKIC6TN8cy3%2FTyU2N6IBqMZmEVRBKzvKBwgGLOAuNh%2BMR%2BwTmQQynBgo9OL3ew39Y%2FrwCADoSQN%2BlaXTLKPZR9rCdw6DqkoqJDx7X8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b82ed618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 main.js Show response
50emais.com.br/wp-content/themes/soledad/js/ 43 KB
10 KB 245ms
240ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/js/main.js?ver=7.5.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345cf64eaee980af2b89c49b86955b1449e724690ff03cc73227a6d5edd60443

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpL8mdGXT4fxAuvBqz%2FFMkVrDwO2oiuB3H3Cy1gmMc87XwVmQMYIqY5URBqW8XFtoAcmboXFU8U3oXljAqcf2GdV2%2ByZ6xCeN2Z7KenlD5NT%2FI6TZ0dcDpsJtz%2Fyg6nRhl1fpHrN%2Bbr6XojEcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b830d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 post-like.js Show response
50emais.com.br/wp-content/themes/soledad/js/ 1 KB
1 KB 260ms
255ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/js/post-like.js?ver=7.5.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2AVo5d9rFNaqeiHte8KZm5i%2BzQEyhT50JUz2OCylm4V0EdHEVK5SOxuLK7XIgXMXHmSP2pwiBpSNHnZ2qDextkBckzhtw1KC1YyZ%2FF5jVdC5AQ2e4HRrtNPGxpj5aKOkp4yThO%2Bo6m4DpDLaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b833d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 more-post.js Show response
50emais.com.br/wp-content/themes/soledad/js/ 9 KB
3 KB 203ms
198ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/js/more-post.js?ver=1.0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be4a501718e342734d6dd0efeb8bd217b4a14c3996a011f6121932e9b62dca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43Y5NsMij3fPtHHiOCwUO0SuNKycTgIz3WGN9GUxMEkrz%2Bbfz%2FyHupbFd0uUsZ%2Bin%2FdH53MAFVfZgtuaey0nGb4uqCFHiNaj4kJ3E%2F1r8whDBNDH%2BQ3KIxahC%2FmLZ5Wv5V3hIws27R%2B2GNpV%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b834d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 comment-reply.min.js Show response
controle.50emais.com.br/wp-includes/js/ 3 KB
1 KB 216ms
210ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/comment-reply.min.js?ver=5.8.2
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx/1.20.2
etag: W/"605cec4b-ba8"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 jquery.rateyo.min.js Show response
50emais.com.br/wp-content/plugins/penci-recipe/js/ 9 KB
5 KB 260ms
255ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=2.6

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

771176db448d0e5343ef0d95614c157949ab376afec10f1f96669dbe1e3bb983

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:19:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lasjvfOCqksMXV%2FmxMERvan6Uha04xklpIBIUsYsNEhiEeLUAR1FR6GaPwOq3QmOi6SeWZ2cJnvKpUFbHiK0JDw63oemhgOMIfpaRGNpfyIhi4tw36EIhi6x1cZqMa%2BZRUBlKdx%2FWmgAglSVJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b836d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 rating_recipe.js Show response
50emais.com.br/wp-content/plugins/penci-recipe/js/ 1 KB
1 KB 242ms
238ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=2.6

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a9aaef125713e5b57733e89b419b2dc7145efb1301fadc6eb312f21fbe0838

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:19:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3YQmeM0dWyKMAP5yrJotKDj1GpMcxo7ZhDeKtMVgl1Ulb8XQRu%2BR61LDiaSaXaFcrMlJC9wvTMrml1P0wkHPxtm14VYsgPJOtkzVpP%2B1yVnshIyauCPnDN6bX9QwybQ0SUXRao%2BmRSexm9KfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b862d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 fitvids.min.js Show response
50emais.com.br/wp-content/plugins/youtube-embed-plus/scripts/ 3 KB
2 KB 260ms
256ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.0.1.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 02:00:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2vVSAV8X28utAb4l2fRQuWUnOZE%2Bw7NdFp4XZFOP3rkDsGsHLRcO9mcZi28jaFGBngsmdw02cMBOAtB9XrpPr%2F1h6uhuNx8F%2B5yMeRbwn%2FAzCwg%2B%2BDG7B1oPSJDm6GY%2FJpFSiqvQrKZoHPTZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b864d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 wp-embed.min.js Show response
controle.50emais.com.br/wp-includes/js/ 1 KB
910 B 216ms
210ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx/1.20.2
etag: W/"5ff5d754-592"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 facebook.js Show response
50emais.com.br/wp-content/themes/soledad/js/ 257 B
779 B 278ms
274ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/themes/soledad/js/facebook.js?ver=7.5.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7d7ff37e6d35d54633e12d2077e5ab7987cdf5c93ed9ae93a1efca92bcdfe3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Dec 2020 16:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtM5%2BuPxc76PSR4vBjZiQQhtr5mHazJfDxdcffXyRLPPNuru6KKUDR4FutGwMKG0rs%2Bl2Lxr3WRz1wqixZqKub8Z53EoKT10AvIPTydALelaS1Z6Au0Kj6ykXyvwQ2l9qIV56j8IhhzPyX%2FRwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b869d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 webpack.runtime.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 242ms
238ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8b062018e10f9da5279f7ea03eb0f229a656ba1f82016ed76a82ae1e70cf6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fM60oBvbsfrRoVZjcFAVUn71I2Lq6bIusKcWIIqHoJZNBSVHwW6kYHTOwMz13wh%2F%2FTX%2FF%2FT6OLgcY2fmEJdOw2H9eP5bkxQb0RACgHKFovEmx%2BbelpjaWHHajOL14MjnuQKO1SkzSAPicU%2FLeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b86ad618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 frontend-modules.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/js/ 14 KB
5 KB 209ms
205ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af6cc766bb30e9809acc21d253b1c5bb67d998583cbb33d24d18b95f658b18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VN29M%2FR0Xoiuv%2Bi7eJUGumuiBZaoSIirShDRX8ho3%2BmpRpf9VcxPxRj77thnjQ9CIw72CbHZjc9YCJkdRGunvZTo8jmbNioArG5Cw9FsMlbtGfqMpVwh10TalGagilLprmSABef6u%2F1RKSG5Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b86ed618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 waypoints.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 260ms
256ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtcaMfRLVVhR3o6DIfTBN554fNUBilpzvU9BwSB4DFENKKNCkgtr755O2tcngF4OLU3OrCwen6Vn9EpqEchw%2FbuQTy0PZrVUMsI0zEhL1eTKh4IOyFtS05zrbILCy2%2FA7jHNsL6jzGcxuDgwAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b871d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 core.min.js Show response
controle.50emais.com.br/wp-includes/js/jquery/ui/ 20 KB
7 KB 216ms
212ms Script
application/javascript 190.89.238.22
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.50emais.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.89.238.22 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS: br88.serverdo.in
Software: nginx/1.20.2 /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:49 GMT
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx/1.20.2
etag: W/"605cec4b-5133"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 swiper.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
36 KB 232ms
229ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q51yn8nd7GgkX0URvUCLVlzgCr9VqHAmFR8BNIz35QqliYyofarQFoYOvxW4oGPWP1TgYw23JtbURbVsITzsTh1TOIAcW%2B%2F%2Fja1NSj%2BLG4k6p9eDm%2BksEbjA9GuDIrmgmh4x221Mhd9Dsj6gbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b875d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 share-link.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
2 KB 280ms
276ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjvEDKBaydMepTAAuUjl132KEpw5Y3WPVafsub7H744Px4JjfQlQqJjOKOMuM%2FRyEtQz38oztq2eo%2BD2%2BPdtd5qDVXPqonOwfpZkn2o99h05QCae1ObkXU6Hx6ov3VPbOach6tRm1n53%2FjzaKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b878d618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 dialog.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
4 KB 223ms
220ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYUgAdT50jqKIkEO3p7oKC6vlII42w1RlhOqDX3Pu54kX3AjmcSDQX6A3FvZrER3dF0Lp2Qwe8nTEAd2%2BgibeBVdsqw3CeYTN8z29W5ieIbvR%2FMNNavzFdU6ZjwLTJYQ2pwIa7Qx4vul%2Bdx6mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b87bd618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 frontend.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/js/ 36 KB
11 KB 280ms
277ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef46e86368c01cffc9a55e4ae44acbe6f5366913c4cb3af0ef90fad6210bbe29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp1suD71xLVmVdA81MA6QsgKkxhTH69bKQMc6xzSKOWJD2d3MS%2BZ9e8hxMxnVQCfrcHjfBJoRxju9o6WIdEfCdSBoEpKB%2FHC5YPZSiaYuGq6eVrfcCzr69gKYWEktG1cQoxodqkQLR4wqKb%2Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b87dd618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 preloaded-modules.min.js Show response
50emais.com.br/wp-content/plugins/elementor/assets/js/ 32 KB
10 KB 228ms
225ms Script
application/javascript 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://50emais.com.br/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.8

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c07872c94137c75eff810332cf06d85a8a5c82b5c3bf803a616c8079abfaa9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 14:00:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yfz%2FhR4hLw%2B13RR%2FvB5K7GFD%2BpvjttZ0XgvLmUiRGG5P0S3%2BRvUnVvGIulkb0UXbjnpC%2F8GykehFvZNFCb6jzv8qhFfJE%2FIVC6yB7dJEFuN15C6obETl0PlEAfoasfIQipD1VNm%2Bq9bqYqTgNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6b24aef0b89dd618-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 45ms
18ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.controle.50emais.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:15:27 GMT
x-content-type-options: nosniff
age: 599663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 21:15:27 GMT

GET fontawesome-webfont.woff2
50emais.com.br/wp-content/themes/soledad/fonts/ 0
0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.controle.50emais.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 281402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 39ms
12ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.controle.50emais.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 282708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:18:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 43ms
17ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.controle.50emais.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 438811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 17:56:19 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
355 B 39ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P0BMD5VBL0&gtm=2oeba1&_p=243192760&sr=1600x1200&_gaz=1&ul=en-us&cid=1954475619.1637610591&_s=1&dl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&dt=Home%20-%2050emais&sid=1637610590&sct=1&seg=0&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0BMD5VBL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
355 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P0BMD5VBL0&cid=1954475619.1637610591&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0BMD5VBL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35328918-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0BMD5VBL0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c35409028cbabb0b1a2aac71d8d9e4f4fb54bb7a2ebb152a278dd0e5ab1c9e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36145
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 73ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P0BMD5VBL0&cid=1954475619.1637610591&gtm=2oeba1&aip=1&z=375799256

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 52ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6507649514585438&plah=www.controle.50emais.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73a2df3fe6bb239f8079a019199af2e7d04b2537bf175ab246f58d8a5484a30b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99573
x-xss-protection: 0
server: cafe
etag: 9182409192631081792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame CCD8 11 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 09:43:00 GMT
expires: Mon, 06 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 36410
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35328918-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2924
date: Mon, 22 Nov 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 21:01:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0MKF9LMFXX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0BMD5VBL0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dca98ff7f2a872f0179c208691d64538f4bb69f43d3932b723ed39ed0f33d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61779
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FWQ0QJKGL4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0BMD5VBL0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff3b312159f18fe51eecea44be7ccd3553511ea25ba52e830791c6c70ac74c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61645
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4XLYWH46W4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0BMD5VBL0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1c8d9ff9c1560e683a10ae1e89c008a51446a225ec6a7aac7d97b5ec17df2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61793
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:50 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 52ms
27ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/bb4ee533-4177-468d-d929-08d96bc49622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1052 / 433 of 1000 / last-modified: 1637582729"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26883
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 19:49:51 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/premiumprogrammatic-network/ 454 KB
39 KB 46ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/premiumprogrammatic-network/loader.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/bb4ee533-4177-468d-d929-08d96bc49622
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd4491d62238efbf3e620b3dd658471b39348e9ad70bc03c4f3b187e8ce7e37e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: kmCvzijI6Tz0PjDqBZac0.yUEgZvFkz9
content-encoding: gzip
etag: "419fbc4af1f878f9982efa1dd397c168"
age: 113
x-cache: HIT
content-length: 39465
x-amz-id-2: xTAYt9wgsVp+9eF9FWvwqXiCJEc8hmNg8UH8JcyHfAMlR6iZmjwB/hPYdbWnegrS5o/RVW5ca6E=
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 22 Nov 2021 10:13:22 GMT
server: AmazonS3
x-timer: S1637610591.043264,VS0,VE1
date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
x-amz-request-id: M97V8NY8F5YERGX4
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 1

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 345 KB
100 KB 56ms
54ms Script
application/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/bb4ee533-4177-468d-d929-08d96bc49622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c26099049a8384d1e39b1ff46ea05561556a6caa6c03bad3c2995c1e1d248ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16584
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
last-modified: Mon, 22 Nov 2021 13:53:24 GMT
server: cloudflare
etag: W/"1d7dfa8512e46ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oz5pPr4wmkrjmtuuPPbUOj%2FdtNcSZ%2F8lCa5v5mPsOnRH5pSjxLhh%2FVhST7f9w6acJ7nKchMdMZLukPHkikYrCdoI3kQsQh8r7rJVG6jKyMrN24e1Q6JmUh1roc93AiXSbPY%2B2Q5RxG9X3n0jZEdyzfqxJpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 6b24aef1e91659c5-MXP

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
15ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0MKF9LMFXX&gtm=2oeba1&_p=243192760&sr=1600x1200&ul=en-us&cid=1954475619.1637610591&_s=1&dl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&dt=Home%20-%2050emais&sid=1637610590&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0MKF9LMFXX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=243192760&t=pageview&_s=1&dl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20-%2050emais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1542612108&gjid=1060819983&cid=1954475619.1637610591&tid=UA-35328918-1&_gid=1834327091.1637610591&_r=1&gtm=2ouba1&z=771669390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FWQ0QJKGL4&gtm=2oeba1&_p=243192760&sr=1600x1200&ul=en-us&cid=1954475619.1637610591&_s=1&dl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&dt=Home%20-%2050emais&sid=1637610590&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FWQ0QJKGL4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4XLYWH46W4&gtm=2oeba1&_p=243192760&sr=1600x1200&ul=en-us&cid=1954475619.1637610591&_s=1&dl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&dt=Home%20-%2050emais&sid=1637610590&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4XLYWH46W4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
441 B 33ms
31ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.controle.50emais.com.br&callback=_gfp_s_&client=ca-pub-6507649514585438

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6507649514585438&plah=www.controle.50emais.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6e3a1219d42ca8866e00d0467794a7ac5f59f707b4c78d2c1619c39292191119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.controle.50emais.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.controle.50emais.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B068 0
19 B 96ms
81ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6507649514585438&output=html&adk=1812271804&adf=3025194257&lmt=1637610591&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637610590954&bpp=4&bdt=914&idt=203&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3494282093130&frm=20&pv=2&ga_vid=1954475619.1637610591&ga_sid=1637610591&ga_hid=243192760&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754332%2C31063792&oid=2&pvsid=216886627718645&pem=917&tmod=1278409765&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Nov 2021 19:49:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Nov 2021 19:49:51 GMT
cache-control: private

GET
H3 200 logo-3-menor.png
50emais.com.br/wp-content/uploads/2021/02/ 164 KB
165 KB 274ms
272ms Image
image/png 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/02/logo-3-menor.png

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62ac1bbae44bf350c08131988746b1d88c7479d6ce11cb5e637eee4999bbd4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 168137
last-modified: Tue, 16 Feb 2021 14:06:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eI80AGjjAY2P1Gh4hCd2phbaJEL3jml7t7rxMR8xbPdT%2FlUXH2hfwLQWaY3f7rsMl8De5AlisMlTGfYwune4KwZVKw42egKrmEsPf2%2B2vJIXBWjAoVdeM3DZRilx86kxuU23Aj%2FipyCymfWOAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef2fcdfd618-MXP
expires: max-age=A10368000, public

GET
H3 200 meu-olhar2.png
50emais.com.br/wp-content/uploads/2021/01/ 53 KB
54 KB 258ms
257ms Image
image/png 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/01/meu-olhar2.png

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b581342320730f7bb354f1bd28e36405c4987a3ecb4a696cfa77722f5af99fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54377
last-modified: Fri, 08 Jan 2021 21:36:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4TGEZuOQ6QL%2FkRdIae5sFEOEK7nePNH7MFxWZshWarq7YM0uyrxjUa%2F8w2RGe4OPohRmgJ%2B8DxlXi7060zqnc6ZfYPdniSsM9DOTlfl4kClKeeVHQjaJYb%2FRujH9YQKHj%2Fm5VDd1wCWXxfbKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef2fce1d618-MXP
expires: max-age=A10368000, public

GET
H3 200 WhatsApp-Image-2021-06-05-at-11.48.59.jpeg
50emais.com.br/wp-content/uploads/2021/06/ 28 KB
29 KB 249ms
248ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/06/WhatsApp-Image-2021-06-05-at-11.48.59.jpeg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d4e853b1ffdd4bd58a6c6fbb132d255bea7cb5eb25fe15485c717b1640cb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28620
last-modified: Sun, 06 Jun 2021 00:13:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1g0JDzE14FnBhdKyleZAARuw6rI9issKCipdH0QAX48vNa4N%2FB%2FmojczJrV0O50OS66Zz7cQKqG4LT4uEZvQsQjF8l0tEJnf3N3UVfYqswwFAlw311NBMfTc3Wl%2FPYpVDrWCISYLmOtyHTuVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef2fce6d618-MXP
expires: max-age=A10368000, public

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 44ms
21ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35328918-1&cid=1954475619.1637610591&jid=1542612108&gjid=1060819983&_gid=1834327091.1637610591&_u=YADAAUAAAAAAAC~&z=2013239845

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 19:49:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: 50emais.com.br
URL: https://50emais.com.br/wp-content/themes/soledad/js/facebook.js?ver=7.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f07ba81f420c82242a481582ef12e103601d453325cf74e7e193946c5018f03a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QDqAbok+3o5ZZxA4KK/qMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 22 Nov 2021 19:55:42 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 5O0BN0st4hMKnz3kL/gh+tzqoP4PVsoEpmruDVpC1lJg8CxX1lESrkmJN/+RZTBhPXpNajN/YR2+kihaHlzUsQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 8a84a9a36315b272246af0d3b079f9ff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 22 Nov 2021 19:49:51 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "21119899cea20d991adfe7974eed5fbf"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=243192760&t=pageview&_s=1&dl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20-%2050emais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=1450516825&gjid=101500250&cid=1954475619.1637610591&tid=UA-35328918-1&_gid=1834327091.1637610591&_r=1&_slc=1&z=1390416497

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3_debug.js Show response
imasdk.googleapis.com/js/sdkloader/ 4 MB
595 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3_debug.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/bb4ee533-4177-468d-d929-08d96bc49622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7993a9292daeef51dfefafa5714204ba98383ad783dbd19f937cc508111c2815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 608067
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:51 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 59ms
44ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 19:49:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 177 B
147 B 34ms
19ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.controle.50emais.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ec487637619a54a090d035d8153916e64fd88c154c474c7310bae5eed9e12ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
expires: Mon, 22 Nov 2021 19:49:51 GMT

GET
H2 200 impl.20211122-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 610 KB
125 KB 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211122-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/premiumprogrammatic-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9dd80e8d1ef04e377c544467eb35dde30e7f47f99f6370c6222201f7caf21bb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Q9FC6zeI9rAST0nT4DGF2QkHsN43q0EI
content-encoding: br
etag: "35c1ef2bf21a6c14d6b6d1407d3c453b"
age: 7305
x-cache: HIT
content-length: 127781
x-amz-id-2: Ey++a6f4yIXmzfylOs0F29VRe7KPABAp/6c+mpiNTN527NnyJGD31p1ilU7ihyEPRagK1M0vCkI=
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 22 Nov 2021 09:39:37 GMT
server: AmazonS3-br
x-timer: S1637610591.259942,VS0,VE0
date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
x-amz-request-id: 2HVTSD3Q6A8KP2PT
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 42
x-cache-hits: 5577

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 38ms
8ms Script
application/javascript 13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/premiumprogrammatic-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:45:55 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 139593
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: yWPFbpOOa8hAkV70xAxlCeYI15JqQZBD6RCqLsv1zh48hBbK81hiQA==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35328918-1&cid=1954475619.1637610591&jid=1450516825&gjid=101500250&_gid=1834327091.1637610591&_u=aADAAUABAAAAAC~&z=1749260400

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 19:49:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 80ms
46ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35328918-1&cid=1954475619.1637610591&jid=1542612108&_u=YADAAUAAAAAAAC~&z=7560849

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 69ms
49ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35328918-1&cid=1954475619.1637610591&jid=1542612108&_u=YADAAUAAAAAAAC~&z=7560849

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET fontawesome-webfont.woff
50emais.com.br/wp-content/themes/soledad/fonts/ 0
0

GET
H3 200 Lili--585x585.jpg
50emais.com.br/wp-content/uploads/2021/11/ 26 KB
26 KB 213ms
212ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Lili--585x585.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b83267ff7f3b137c601915fc48f2fbf7f8402eeee525bfe03f3452ff1812cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26438
last-modified: Thu, 18 Nov 2021 20:10:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emnFojqLaPiHSTAu0Gq0eJGg%2Bg9lRUU00exo8IpofqAsozJFro7ql0lWiLcdSkXiY%2F2F7GCKVw98RcDdtQ8WY2mXBahykme6S3KKZFWqlhnp7lWg4Df2IqFsgIuU%2F2XVfsSQULKTtI3LmFnE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef45f2ad618-MXP
expires: max-age=A10368000, public

GET
H3 200 Bras-585x394.jpg
50emais.com.br/wp-content/uploads/2021/11/ 63 KB
64 KB 403ms
402ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Bras-585x394.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9bb19045619b6f39f75cc6ace78b6847e3ead1a6069daa2770d382bc49b29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65015
last-modified: Thu, 18 Nov 2021 20:08:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOw5nXHWcN%2BLlSZCQZ3hTxQ0k%2BBzQ5UFAop98W%2BKVUoiVCMpyOkGIVtQtXM2xNTJVNZ1DfGpftiW8fDBzkbTbjMdx7G%2B4DnxyiZefmUaQ04WT6cCp3NsifN1kyrx2BsieUWSwZnMh2ahGcF9VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef45f2cd618-MXP
expires: max-age=A10368000, public

GET
H3 200 A-foto--585x481.jpg
50emais.com.br/wp-content/uploads/2021/11/ 45 KB
46 KB 204ms
204ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/A-foto--585x481.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb32d3557106ff65d3e177ca4c8d2f51435ed2642194ba283c2dafe1580e560

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46031
last-modified: Thu, 18 Nov 2021 20:06:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXaJzVzpcM44tfipJF2fKiA9DKvsomDrhe3%2FrVkM0jMIcOYq50ZeHDP8IPpCoWfDPx2a3O51gZYXMLklW30TGlYl%2BwTKwMK4TRaYWC%2FuFvhg41MZCncabzqALZqoDtvVzAAEZIFmHfhRRB9eMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef45f2ed618-MXP
expires: max-age=A10368000, public

GET
H3 200 Mari1-585x585.jpeg
50emais.com.br/wp-content/uploads/2021/11/ 36 KB
37 KB 228ms
227ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Mari1-585x585.jpeg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38ea62bc42c8e5d2a082951c699a43cbe72004eb68645422cd410a10fc90d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36965
last-modified: Thu, 18 Nov 2021 20:04:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUP1jGBCVh3d6iZ1KsZbz5VTN84SHmimaklmeNLs8fD8S2cnQhYyuZTYlY4h8RmcATQXabO0gzTpDDiWQQN0OX2aXywh2zSGgKR8GPYOCYQ3OYH%2FZv%2FLGoXrAB0YZ1Yng6ADevAjARhSdkSPeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef45f2fd618-MXP
expires: max-age=A10368000, public

GET
H3 200 vania2-1-480x650.jpeg
50emais.com.br/wp-content/uploads/2021/11/ 36 KB
37 KB 204ms
202ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/vania2-1-480x650.jpeg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe0b42571ab123bb869bed26694f88ee0376a6208719a48162fb4ae3ed297005

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37078
last-modified: Thu, 18 Nov 2021 20:03:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fofQFIwLGoDocdKuKO2kYatS978VpIvdh3tJ%2FJUtuR8WMbSLRbJRxz1zDYZ3yJbT6Ngg5cprNRQNB%2BVfjXJXeixwbjB7CKEzAP1A4BGnaIG3g%2Fku4NYoKtMcRbDwGRmatD0k3DXpO266hWK07w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef47f73d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Primeira--480x640.jpg
50emais.com.br/wp-content/uploads/2021/11/ 28 KB
29 KB 189ms
187ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Primeira--480x640.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3165bd139d2e5b92fc5b95f3258fdd3d56996164c37bf97186e4febae0fe768f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28789
last-modified: Thu, 18 Nov 2021 19:54:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP5eDhrpuKS14CCWOuYpV9glPk39RVpzi%2FOg6VIGjddoLpaHcFvPoXCEjd2L96PiXBU80kcrPiJm%2FGs9UhM1VXw5E6XnLtZehh%2Bu%2FSIboL6imAldZsozDsbXRO8Ffhp7e78Wk5o9f%2BqEwE4pwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef47f76d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Cida-Mendes-480x437.jpg
50emais.com.br/wp-content/uploads/2021/11/ 34 KB
35 KB 226ms
225ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Cida-Mendes-480x437.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7eddb321010a8577cc10e75c593cd5abaed0fff6b1b54a2f173fd5cbd6f69b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35234
last-modified: Thu, 18 Nov 2021 19:51:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by8TYDVSQdDTWerBAAZz0AXNifzwE4kTE85alUMV9hN%2FB5i7jdPThRZSBP2Rg3v9MPp70NQVvWJhSzXe8hvtlymNbMX4u%2F6%2FvCN2dnVrNk3qAyUSiAmMD1dFc5e34H5lB%2FMnmC86fvj2G0eGuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef47f77d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Luciane-1.jpg
50emais.com.br/wp-content/uploads/2020/07/ 171 KB
172 KB 194ms
192ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2020/07/Luciane-1.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b18714d07837edd237a5deb7c106444141eda6ef06fd337c823835b258db5415

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 175427
last-modified: Tue, 20 Oct 2020 22:28:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsw%2FT02Ij7PLOS%2BWapFi2fQ%2Bg4ilf5Xdr6MZCKK0z2w0J5aTAoWqz7PP9PI%2FL4cv627RAt6X9lSHcS3ZRQ4mlLHHqX59vLnYkAojkOqkt9BzO2nGJfUFN%2FK0RsrKOb9mv%2FCiUr93IKKZVjIY8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef49f96d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Cabe-1-1-585x390.jpg
50emais.com.br/wp-content/uploads/2021/01/ 28 KB
29 KB 185ms
184ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/01/Cabe-1-1-585x390.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bce62845f452251d8e45686081503534f6b0845b6eb4344e2f70eb005269d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28794
last-modified: Wed, 17 Feb 2021 23:25:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCaFgygjnJxheaIiq%2Bi2OxHRmZV%2FQOrPGGG0MbOTkOjv%2B2wbT%2BX2zaUhCI6l5qkG%2FPRyUJyCQTneVM%2BjKlTwMk7h3Hb64DBry%2Fg8nSY0ZqbElQwahmQVG%2FSoaZhKp7kXq%2B1Yr50rTa4dQWMBwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef49f99d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Lindo-1-582x390.jpg
50emais.com.br/wp-content/uploads/2020/11/ 29 KB
30 KB 225ms
224ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2020/11/Lindo-1-582x390.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd3896a246a1ca4c38c3941b50e10c59b026234b80c8b46941d893d4ec387f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30080
last-modified: Thu, 18 Feb 2021 17:26:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzm19fYDUYEvxNRkVh5CgYLGKunitD8Wy%2B7%2Fr6fV0DP4TmcWAU4tX%2FyToEx7%2Bglol5SGeGqUVP0S%2BGSPPNcyEC06O7Uu56%2BWIZcSm9OU3A8ef4Qg4XDBSahHv9G8fRePcNiRwyy4YB2PYbxj%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24aef49f9cd618-MXP
expires: max-age=A10368000, public

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 351ms
50ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35328918-1&cid=1954475619.1637610591&jid=1450516825&_u=aADAAUABAAAAAC~&z=1047908000

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35328918-1&cid=1954475619.1637610591&jid=1450516825&_u=aADAAUABAAAAAC~&z=1047908000

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 285 KB
81 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=6c87e03e4e42aba2f572303369ebd719

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f1e0bf5cd4438a81dc955241767b8f0e20ef9dbdeee6c8b13821f0120e9e3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.controle.50emais.com.br/
Origin: https://www.controle.50emais.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jROfusMtMGTc8nYV1kmEAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 22 Nov 2022 18:19:32 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82886
x-fb-rlafr: 0
x-fb-debug: bJh/bEadRuFMYximn4VfaoxvADXeajn881muFGGkVk8sy64QkVGO1lV84p1ESAKSSk6RySAjVRW+vWX4QJHMkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7d74b8b1d5f64a3cb5f8496d0db3a441
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 19:49:51 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "87618e6a3302a1d12461acbb44cbffa1"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1637610591554&ns_c=UTF-8&cv=3.5&c8=Home%20-%2050emais&c7=https%3A%2F%2Fwww.controle.50emais.com.br%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1637610591554&ns_c=UTF-8&cv=3.5&c8=Home%20-%2050emais&c7=https%3A%2F%2Fwww.controle.50emais.com.br%2F&c9=

64 B
329 B

10ms
10ms

Image
image/gif

13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1637610591554&ns_c=UTF-8&cv=3.5&c8=Home%20-%2050emais&c7=https%3A%2F%2Fwww.controle.50emais.com.br%2F&c9=
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:51 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: fpsaxaWS-eJqUTvQLQIcbLtqjlAXOHDLU0RddsxiboNeWuY4eGmlLg==

Redirect headers

date: Mon, 22 Nov 2021 19:49:51 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1637610591554&ns_c=UTF-8&cv=3.5&c8=Home%20-%2050emais&c7=https%3A%2F%2Fwww.controle.50emais.com.br%2F&c9=
content-length: 191
x-amz-cf-id: INR2LYHtlaFKGeuoqJjZ0_V7cEzGH5Jt87AoVHGuvtTFw2e4CC7mIA==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 462ms
42ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 382736
x-amz-request-id: tx24904699bb274cfc93012-0061961d50
x-amz-id-2: tx24904699bb274cfc93012-0061961d50
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TISgshw8fIqqqmTgUGVBy5zTULeKwaIjfZzvvSiBlx9u5oZeqHQVNvGwj6HZ1Vk6InLYxm3cL5PRt9TbK6kWt9cPmrrXJwa4g7dCaUcwT6aoPsEpiBa%2FuWYUyL3s52oIl4nanNMg1Gk%2B%2BzZ9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1637227780937425
cf-ray: 6b24aef82b5f5a0d-MXP

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 2 KB
975 B 426ms
13ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: a411ab2181e2e49bd2ecf2f06b3e0db512532cf4ed7b8cf66e68daefd0018879

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.controle.50emais.com.br
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 274 B
661 B 521ms
109ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: faa2d322e1d00616fe3e188ceb9ed67cd4c3fb1b9fb4b87dbfe44587e6e99e47

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.controle.50emais.com.br
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
828 B 465ms
54ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

05bbbc33e08bd54b093b0a1fee762813282561d02bc7ab68f0334121f0333edd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ca14f426-53bc-4ea5-a92f-4cae7d50752e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.controle.50emais.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
518 B 464ms
57ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3e6de46b43de7927fb5d660336655743fe1e4b6fa2aaf2ef79327e47204f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.controle.50emais.com.br
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6b24aef82ddf0e0e-MXP
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
383 B 428ms
21ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.controle.50emais.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.controle.50emais.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 366 KB
101 KB 988ms
987ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=216886627718645&correlator=138519948621132&output=ldjh&impl=fifs&eid=31060978&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=75894840%3A22574001690%2C50EMAIS_SUPERBANNER_320x100_728x90%2C50EMAIS_INFEED_01%2C50EMAIS_BARRA_LATERAL_01%2C50EMAIS_BARRA_LATERAL_02&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F3%2C%2F0%2F3&prev_iu_szs=728x90%2C336x280%7C300x250%2C300x250%2C300x600%2C300x250%2C300x250&fsbs=1%2C1%2C1%2C1%2C1%2C1&prev_scp=pp_loop%3D00%7Cdata_type%3Dinfeed%26pp_loop%3D00%7Cpp_loop%3D00%7Cpp_loop%3D00%7Cpp_loop%3D00%7Cpp_loop%3D00&cust_params=url%3D50emais.com.br%26categoria%3Dhome&cookie=ID%3D9874676139bf68f1-22d6334ef6cb00ca%3AT%3D1637610591%3ART%3D1637610591%3AS%3DALNI_MZJhCaAezJOGlHWvTq_QbQZoPJ69g&bc=31&arp=1&abxe=1&lmt=1637610591&dt=1637610591623&dlt=1637610590040&idt=1545&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C437%2C1065%2C1065%2C1065%2C1065&adys=163%2C2453%2C914%2C1564%2C2449%2C3159&adks=3490985129%2C2823994780%2C907034928%2C3291297703%2C907034931%2C907034930&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.controle.50emais.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C779x280%7C340x250%7C340x600%7C340x250%7C340x250&msz=1600x-1%7C779x280%7C340x250%7C340x600%7C340x250%7C340x250&ga_vid=1954475619.1637610591&ga_sid=1637610591&ga_hid=243192760&ga_fc=true&ga_cid=1834327091.1637610591&fws=4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C1%7C0%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2b9c12ecf4b728446188ac9b95782ad2bd9329e2782045c44504e22828a11a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103453
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7EC7 6 KB
4 KB 53ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET fontawesome-webfont.ttf
50emais.com.br/wp-content/themes/soledad/fonts/ 0
0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7BPUB_USER_I...
https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=0e98a8a5-2b96-45be-9582-8495d6fe9d95

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=0e98a8a5-2b96-45be-9582-8495d6fe9d95

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d8123c08-8346-4beb-8eaa-d4583b001869
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/prebid/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&uid=0e98a8a5-2b96-45be-9582-8495d6fe9d95
date: Mon, 22 Nov 2021 19:49:52 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 210ms
174ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txc28f364229e64563a287a-00619bf460
cf-ray: 6b24aef8aa370dfe-MXP
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: txc28f364229e64563a287a-00619bf460
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sedlO5JsJCpb1gflXJKSVHi7%2Fp2pIDoUBeFGpAzLEoujOmBsJGEXkdU0bHGQ7IBk87%2BgvZ%2FnM5QP4HX4p4dLFzOPtUvrMvBRZH8JdF9LMdEkL5VV%2FihprF1VB%2BV9%2B0S4shRBejDcUgJYeC0"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1637227779984125
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.controle.50emais.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.controle.50emais.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 781ms
780ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

aa11f0abd5ae64550f45c1ff9c1aac8559a7f57e809fa92bd6265607bd269bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10017
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 4B12 2 KB
870 B 8ms
8ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

acf5a8ec1316a73cfe9de3fce899c49d2e770bd8170a5e2017b445dd424fdd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 778
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK setuid
ib.adnxs.com/prebid/ Frame 4B12 43 B
603 B 7ms
7ms Image
image/gif 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=onetag&gdpr=&gdpr_consent=&uid=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24%7BUSER_TOKEN%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 22bf8924-4097-4e68-9c15-a4844a26b182
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 671ms
166ms Image
image/gif 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 5daa34953a867809056448757b76591b
Content-Type: image/gif

GET
H3 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E79 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B517 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2483 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 24D9 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB62 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 913D 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8AC5 624 B
297 B 22ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWkSjpDT4FBkG2yQ42VubmtftToq346aXllJ-xn_bblz3iTSZMcx5FflnlW0ccd_uFFisdTV-TPhxFtMP589A88HBIipHd7VU3InUr1NpPkTvwEWxuc4hOPXUGTMpJctuOJUKqpQj9qP_DThbIXTGfg7BG9WueL6EkudAjvNX9rA6njjAo

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5E79 24 KB
15 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUFbsqA6oEDPwcoAnEV4qSGnMEkKlM7ByDdXUN-5_6HdxUBXuETmleaJObe_GTqZiNPatGYhXQXtwmtgOf6EOS6JqWqBYfthLcmV86dch8-cJGMP32_uvFRmd7xWRAlsHbJsvdnQv7x4hN1P-WiyNkIM6aAA&cry=1&dbm_d=AKAmf-CXiIM9ppnH5U-V5zzhE92AabBX0qD4vk-PIx1En_ZsYGyPSfZiPnDCV-ts7MnwnIv-t4E_xIzviakx2yEMklDDhJJMW016EVt1M1RvICUaL4HoqqPCqjrtuLkAFhVTtKv2dmXm12q85rApW8l_Uz7zCk72t4wOIDx6arD_57v5rQOC-zAj3DzbPMijzrx6WSxvx2UqlREaOYOQhUZDv9fmNTEfQkppICpIDDnD1cWLWSNGKIhxCDLIrhq6z5eEltrj7opfb0iMuhB4s-EKeQawGasKUYYZ-B7HghrckfmP_bB-C99OH9F0qd9dKm52A9oWcYT4puPYg6DMRQ2PoJSn8NLAgA2pYdPdyI33as4mBgBeyE8Z9AG4DWr92jkbRTxv7vQF8010s-BX1hOnxAhTM9tt83Scwqwp7cKIvr5uU_9RWPAYwwbTsVIOHdWtlvEBAwK-D_BuPBHlYzF1iNVTId9gDrxThZ4v5LAuOicRlGHaEJgwixaW8oC-xgJs2eNcJD_y2EPTID6IL93CwTjbJiEnf8rdDalzXK6GdQRsD944r1UkHjLe0EBd3qNfx35RCOfxFcvG3cOKZnC7kbHzpf3AQDvBeRXzqm-NJD2NBklSB8XLYAivCaOw_xkewqYlT0gKgxvi6kg90DxH-lxmNiix93tQZrRRW102mfmMhXuGso3qJEj0n-YXdICOF5c46HbLtKWKf7Ro7HrLsl9vyjrv4hHOW3LFtNeneIG7k2FzlSyOyflZBCmU3zeVWT-CDlFbcPyJZKItGm36Bm-0icRb1Csb5iJV1Nber4MhQ6VEK9_kxD-4CGZc3dmPD-K8vNOvtaSuMUziqBRXSY1g0cq_9E3LkCWLk3gqvKcKvo55mJZnX_b1UkIv2m54g_8qMP2Wh-5Cw9Nqsr-E_BMnIPgOfwHXV-Whkrl0gzGTnvCxzFd6D9sKrvM8Kvp6e9q-N4whfPi-lAowPZwpnSG0rvEjSHEVcWWGU_84TfvkgyUbvIo5qqpv90qskZPgRhL4lQnI5EMMgysCe9Xt8Bx0iz1_frcElPwIcj2nSCpfLHRuyf-1zVOShmpPJeqk_s3KmWu42_fyo47JJD2xqz067EKUvlEQR7Q46a0Up2MBDG8RuFLMrTNd1IDgNyLK_BOpEr7QbW53MHgqbBsx535w80GPIqwtvTS7VDuL7KnYcmk0z7Dqefakn910jVmqnRJTvPEMlo_KKvikUY_nlsOyq0MqnXKjP__SVu0QfWP5-KHrrK3lTzwTsGxdtY_KtU7h-V8n-1_tYWB2uSiBKdAEiH3BSACsF7QNOQ71X3H1vGYXQnI7JtnMKcDk6sC2rVpKnL3vUtJ7QZT2DEEw_vt-RoOxlpeVdnbKWH6UeDwh229a2XK_iY_rjmWX2mxSE-G_z1DWztNjyVDNSEjSpf9uWmn0QuVQv0YmaqLCDsg8csuJRVYaCAIxLfNM85c3K7pWkUjgqll-K77ZYQFnC_PEPAuoX1exRqLFvO2gieUqBYWWwgUcPOCyDp-kJxe209hdu_JdUNoXxlg11upoeRGsajmy2nClAHxeZ19aKVmI_AyhceytkxNASSmHa0VC-f3LK3ZooHDZ_TYLNvbfZVYsrW1iIjpjacrabrCKL7jpc8KcD4sCRexH3SlhzRBW7pDjqbDVkY7FPKr8G5W1N6a4Mh-Uvqug1tmfVueGAK7NfW3pCbYPduGxFdZMK8fxWbbsMEgS7l6lv_ubpyvp-qm7on4x8s-zutkqKdnjFVFGcyT2tzDUbLIc4IeKpQuyOrQAePiR-YyzNyf-EwCb8TYMLz6HCo3kOHISjPAYKlOs0hIKQBcSKopfc5rpjGp2OVs_wPpBivvsImAbKQqTW8LOpPPOMB5UnlCnDlVsZd4_Fe_hqCL14FTDhBRiuF5XMvh0EJ2HBMQ3lP1ErYgH0tBNUXPz7CWr8ZkKJ26xXIlGLcuKBJTydM2VQGdh7os9e9x-Ubq68yQRXR-zVcaIfjM_hsLruqXtQp8z2Xmoi8yTGyAaj6hb01FSXsN9m4-JmPlr2Q_Tjt3JXtk-HX9TyeVgrI-S-mvO61PO0eazPArjhEeuaq7ZfFEKuW7lpuhDPTZTTXFy7_2EmGBnjc_1mFdwEJBev5iHWVN8RQz3S78U8NRl8r5SqF6RbjhQXELXhtznl4_AQzCjHpbwBKobRXgi6Og5q1aFN7eE8STXte9ThYZItY3MHy10FuJh4Qt0tU4hzDX7hYdUzB-KWEX3iBFHEmXy19-CVy-GDD5FnMrDcIgGikwemUhY8O2KvPreKWB4xChM2ut-1QTnHw8GS8snfWrscfVtlO3hnTHVmYRBOjXZow-fda6mFi8F4VyXGlvZP7VOSo1I2X16RynbOoq7P1QEZEKLhpTzujpHlzyL_zE6rTZOGdQGDoLNGAqaam0S1LIBPrvIinLAmZ8f48_HjwZMEm6cBEXOj8wPMDvfanIRj8KBfUIUUVhXr-YAimwmR3OPlMhI5G8gueYA-XZF3LB7v80meuz-UzxK_BSgYhBGKw1fBgGSmZa0QCu_WfbYYH_WdGI85GJ6urwXz2p68H69Bbm5jJzCu1crQykVzfMPUtP0k1FUO2Axs7sTSogWfpM5d5RIwiwZtbIVV-MgWC8NRODeFHzqNLeSoVmJ2_bHbiQnBMoxii0DfLW_aq_gdCv8Z7KwUOcBH1Vy-A20jQG18XbEldF5-iGYHntGfGqtcUY91Gca3zg_1vOShSV0ugU74F7-ipc4sYO0TbyPO37rDvRsvHcTPpOuXnbnEjWHE-dhBLUI0QWGHVJKt_CHOItO9iSz5rZMGO6tgdwk7WAORMhQj1SCbtYDBBLiJXwEtKg_xmLB3tOuJEmuVg-3iD1wwDbi_mxRHVOTkLYCcq3ww9S9ff4Sa-vWMPRGLRrPvfTgD_PkFfwD_vJ93YHiCkh9leuHewT9nYVhwEqaZMWlV9AEix5_zRtxEXL_Cb4iTApkQJE4v8xPoDCwbuTJXJUCS9Y_LcGmUDVQ55DF0r3wZ-TUDmtCerlHkhOIt_KrXrHjplFlUMkfXEAshNILPHF6eGWzffcrBLcEGYOQVRCjVM7H4o9_yoew2tQbPDoPaUKLltU6UN7kGIhJSWTz2olxmYJW_4rPxwCAfxG9nzvbkcFvImabrgwTilewz1kyWgCB0NjVFOAnVQjkOkttgyCFBoaBhYsnav8gS8pxg63x0Q&cid=CAASEuRoqXuXqHsAYEXQgmrNzA2jSA&rfl=1%2Chttps%253A%252F%252Fwww.controle.50emais.com.br%252F%240

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

979157323f77677cedde62e5473a672535b85acaa597ffc04f6ad487739575f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14825
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E79 42 B
63 B 48ms
48ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyEkGgJmCBEYlWDlK2AHzeZUJ8IS4hSt4LfNm3jJMIEWrFlSq9Qo7sWtU57YS5CgDMPalfvfNFFAryrOvMgxYOYK55nSK5RKeAHMwlHBJC2Jlh3ec

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5E79 2 KB
1 KB 46ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:46:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E79 119 KB
37 KB 81ms
52ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:49:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5E79 15 KB
7 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:43:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E79 0
0 18ms
16ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt5oYD7oXuEu-8NVv1fjwA_r3ITnvQkkHC_PqqVKhcHCXuoS2JvNGDsYhTS5712n1RWiA3GoRURvOY0kBZszweEGmaeg
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DA6A 624 B
297 B 19ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNUWNDDXIAC3PReWm5NvlXweHzdbn0BfT0D5PU-5kFv-RD0jzBt9eHeI2kVYbhccuHz82f5tM2l42DcC0n4yPpNYcSHw-k_iEeKXHX94MnmwIj_uFKqXWzR-i1tXlEk27W6By1NMYExUtGVBZjvi8_K0W02BNqh_CWpP2Uk7xHcpidBO46o

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame B517 106 KB
38 KB 36ms
12ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Origin: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame B517 6 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:07:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B517 19 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:39:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B517 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-e56xutAbIs7KkA2pn3MC_xZWnc2_obOMceVyG5oYHxsqAJxS18bqDUsxmACWDR_qjoncXV0FncUsWi4nlyZMMQmzkL-aC-HQTz5MjB1iL2PorkA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame B517
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

8ms
8ms

Image
image/gif

52.29.24.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 52.29.24.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-24-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Last-Modified: Mon, 22 Nov 2021 19:49:52 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B517 2 KB
1 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:46:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B517 119 KB
36 KB 134ms
118ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:49:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B517 15 KB
6 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:43:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B517 0
0 25ms
23ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFDjysSo8QUrwjIAkRA1LgVMVDDRtMa5gioWQzCy1DisUPQnOlqfIJSiSpzv-I4WnCUt1WHcH7SHyBclOSNjsoibKKzg
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4977 624 B
297 B 26ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVA30ct49jp7sblJINHDDpEu9x1aFmMg2ZMfB8QftGBP15Xkv06BjaYwRVjdGn5KLchvwLC8OJB7o0ylncLUyL-QhDJpIxxonNXe3nYV-zgz3JmHZm0XZaTdRHM2CMd-uebbPIzUO9gF9tF4D1csX7IyBwVfFAlXy98nAiKhOwAfEjiJtA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2483 24 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CV2wNYNwWHJ_xAL0VCb_6ru0HHi72RIgX--aBbP_u3boTojqs_cmpyrYI7y6U41SeZqTfVXUYZu63YZxllTTwyRzeZt-gKk84CtgrJJe2miHpcaxFUUgTIshf1Op1WCDLxGQdvaUB7TfVHsuBSaSk77_RlQQ&cry=1&dbm_d=AKAmf-ApcLXt11Ov-thZZkt2q3lx14LN2QAGHjVRvAd-1xLAQovHVw4adlicPbCkiUbo9PJXI2d_o2xI3QPpHXQ5PGKru4kMgztgdN0VuVx87zXyhyMCO7sy-VSRnZ_iNqmhYC75VEPzntFTTgVFe6BTGOX8iv9bfY_uOD-z3WSocDSMKXArYQq4stXRAUzXqst7z1KYEd9Qp3AqzkPmmZ-V8o9vSHjBq1HhwQyl3XgOhfme2fRcQ-hp29MGe41aPSND5nvBlcGwuMYtffiRFgNEe2ZhihQTQ_jXqi803h8KG6mlntL1krg1QPVXI1Tb4qFKUnm87nJVZgrFBwZSBHujOtoNGVuR1qTQmyUsPSOoD9A8EZDIvX_sGsrnpHAhKM_no5pMKPiJTRmtJdfBcSdMN4o46rpBCIullG2BBV5n23FkSnJFmUHrJVjLS5bPVaYh8dk0qJMQ-RPXLWXJqfuIcveOAexo7fx3I8hTsywwKcTFZQSToMFlPOG9bRWhsM3eMph43kxz8Vz7bSY2DRJBIQFxnPgt0z1GMNwzVLd4Kjbxn3hH6K06q_8DvNBPtsEpQtHbA2bmYHw-58B3JCSibIyDniGA0pjb6nVBb7A9QYRifEHWiRWtbQ9DIbddarzVNOWyqvWmD7529-0rUjEyU-cJTFIHSi3dD8GEW-t31uy2VCRCJ8ZwOgsLXYBZI3bCeJ6Rwfq_-aq9JxP0GOs8BO93UXjldUoAuMKLTgnHo5e8Bfgoz333JwWw04HuZNk3QhDgC6fv2acCyC1rguFihDhU3UqexzrLatsVCwW3sFywQsxqJ3YalTrQP05sWUVx0jtFV_mreBH46UT78ZWiAlsbgESS7wPCzZMZhhXvV0hzlMWynFJKHIvL-S41YbuqeZeKRgRcNPG07-ZPNlNNQf982WpUsoINE34tmQRge372nDqqgT0XH3SkVLXud8d8XKKsJN4YfDieVgscSP-n5lVR8Syi2lr4_yo1gu1nZaqimJAcKKsbwdObpHgY2QmeNd9UlT3V-BgMgp2O2NfjhF7FBVOVjlZMpRuUMX8XCbUCDKEPbSfaiKIz0oD1KD2lkcYglY3jZdCDS6MsmmNTFstT7jNxRGRMRYdHGxnZzQydyeZ79h3lSsIGUC5OHexfiDPOZEJ6Qq7WOQTXYbmLBhvmuVzoNb4luJL8pWMcx2t_2J2hIO6hL7_Gghwbo6OlRmt5eD8kNba_9S8bm8f98o_TPasD1LINfRDqwGpUCC2-o_lewd_oE9IAV-vVU5uIWlLM5hq78mx1g7wQNHS0Tnw8og_LbC617Thugnkgfny1wEAK59Ch_3hc6hYgDyIF_g7mmz09ikpWodg7XF28AlheOS7G2f_taN0jmNSiA9SgNHnBcrcUCgHUXyuD8Wl6ZohJooT5rLE8yqP71lMFRGuohWQe0e6m0zYicwdvvzKOIGRgNW1O9oQPENMlAh74nW0ednrRECFialfakOcGt8qBV9Y5EBExoPFVzpQoMcYZHa8U7V52m6ZtJ-Ejw3ULG9CWoZSeasOdIL-eIf-LzdPHaaFZhrB85WHpDikWiK-En0p224DPrRyhP7C80m6KTGwdUzlrsYfu7hbCol9pmZ1Vto_VUsi7a61NWdurd5cad3fygxlQU-QL55w9l5A2RDpd85SfOmFdhKG3JDu3v-9atPtD-Mz8k73h9UKoSIvojqSFUju1UducLebr7CMNCGgqWC9mCjVUuEXhV83rpZ79YOR_kpfRhjzi-lgxSHKxZfphlYLs-b19W8-qaiz5G_D26CJ0S3j1R-_8w2x8TA8uANHIJtLgjEiKO0Yfcd78fLYELmE7sX_Sm0AO3A7D9jAh1RWU1aNEOCN91a-x6SutF8g6Adlmvl4ojNw8NNpP6BMbVGFPGB1qi4wA36D4d4YpHYKqFDFpq0wWCLIUEufFzIHkJoDvdT2sE69z4Q6AcvJBYyDnC3v-8H4KJRe-64dRGksH7Asx0TW0bg5vpLHVt87JLm7ul0rDHiUho-cvjGujRqbl-RXVfGyaj5rUWfJ--xHgwK3CwFJMHYLjyUKXZKZcTNwgjdCk4-_4F-vJZXiKI2rkRJcGMlzKayqWj5F2p71FpliCyoERa_6k5jN7hkj0RkxtwXTJX40pMWqFnoB6vrjUSn6Tku-MAA3fohVKN2d7Mk6P7suHif6FLs37tkW1fjakD8VgYDy38lwGV3xVvVXC8lneXkoE8mlXzmoHB0LmqEPPNv52g8jia8-jdImWsuLyrPBDWZaB6tx6hbW36SP9RrRDMOVjAO_XgTa0QzfaUyzMYJje4UBCPV4JZdI9N-j1REFiCDhcZtxXdHZ0HVXRVCvxrWVUwlfbGZSCq4sCsHec4dT_y6_PEp7tAlIJ5aILLgRdII8N8lac2at4x5CgBNpRBg1YLf0dPEffnIKRbwEeuoCPfeXMdLF6ct-dP1Ul-rSI8Wp05g29a3c7xdj_8R3Tvolnc7OpUsoiWyP4Be8VISGYHexQ8zBhg7_DAJ1z3REeUoFy4aRxyP7AVZ1p5SUmbllVykRrNKJMamzsfVAgQcPN_yoRD9_yHSdBpVhf_cMKD80TRk3nd1QszmLvQjqajQQgES9EJWL0RbNviRdzoWvq7vAji_7in3s0rBJyDVObZbKpN7wVXbaLsA0cOSO2IDwoE-lx601LxxP-KE2th2nqFmp8dWtKjK3BQp7gc4edEqcom5StQ_0KZ5Zjx4V7ie_29czVaHGspAFi-PmlAvpGSMeA57WDOFwUkeZkp0YtRrVbL2WxB2kyzL5gwjKARuxY1NdqBNnUT6ld5hpCJQH5-3RlAE686tksq4NVKI84oYwUVv96gIcQ8bStfD8Et-Nx4sig7Kv1TIE9GPaSw2Cx47mIwp75mNOZSmP3SYaaeWV2VJkS4B_Pb3EeW1_N4YBIbMyLrqJXwWS40OuT5-1HlHX9MSAfohjpMAnGUaBguiCFWl5EUC77kmPVmz_3tWMiYz9pN2uUgQp6VAbKR62Dzg1z1swtzfzSXKeXP5Wp-YVxj7bRwgKlOMCBJUJVgFsKvq3LtH8-KjkOgc7Cmx0gIGz9WpfPYT-ENOHxn1Mne8majpw22rcXfmxx8fTqcj6q0fK1X9ml3VzH501cPRnFA5ZoS0kmME5CoaYKTc9mVP6KekUWNJYir1mokcmLwaVyldqrJusJMzK_mrmO01nW2zIBZ1YExX2YIe88mU70qzu2mT5FdfSrqsWyWN6sRzGIH3oY1OEEgbvY&cid=CAASEuRokSSWr3rd-bAu3aYJpdqRjQ&rfl=1%2Chttps%253A%252F%252Fwww.controle.50emais.com.br%252F%240

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a565df3b00b870842de656ba83b8276653258fb3786ea06a1ea2e2cdafb5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14736
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2483 42 B
63 B 45ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BR8D7ZxvA_0Gun7KVOF_dtUrHGX33f2eXyimPkLHSg9aFq3WQ7JcNjBxamVNO6E-sIMDMPbXZPSEBz8pRtImaGX-vrM0cov_SYnm6I51G0pQkGKQA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2483 2 KB
1 KB 30ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:46:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2483 119 KB
36 KB 124ms
112ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:49:52 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2483 15 KB
6 KB 24ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:43:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2483 0
0 25ms
22ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQERpCrRqSg3NeQNLcUAWTpsrv9d9lnHJ_V_gGc0Rx6ABaxEV8LlI5plXuyUgU4dmstasZ2v--PJTJ4zKq5Fz9SFsA2Sw
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 847C 624 B
297 B 24ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVrJmxATAB&v=APEucNWJYDQl4COurMWZG8FWKi4sy-easONDN1g6sZQEQBtjwlsLWCAuxeu0mbblA5TfI6APFXf-7zq1mrH7nE80R7DfvdqC09N-lGYYLs4vpt6hlnY4KJ34fhad9i2afdzmygKfuP4CLqYr4aEMzAUcyGgh9A2h3CneXPv5jKitVo5u8PUccb4

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1DE7 106 KB
37 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Origin: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 1DE7 6 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:07:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1DE7 19 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:39:27 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 1DE7
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

8ms
8ms

Image
image/gif

52.29.24.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 52.29.24.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-24-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Last-Modified: Mon, 22 Nov 2021 19:49:52 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1DE7 2 KB
1 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:46:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DE7 119 KB
36 KB 98ms
93ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:49:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1DE7 15 KB
6 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:43:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1DE7 0
0 21ms
18ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQz0-0P0oNPtdMBc62X6VrBklNuuQVbSTPIYUS_5RUT3rph9_ex7ZJSaAaM2li68RT1fvFpUO_379hrutdIJPvDAsooVA
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DE7 42 B
63 B 45ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKGaXMORLIg5HjN_qL_UXCDALPecPejYTCQ-yuiqpI99XGjvDji_nJAW-rS9tJ0Hrt40jsR0tHg6UZN-l8GNlj-XNGjzu5QSp4lWbJxVEO87l4PbI

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 08A2 624 B
297 B 20ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWxX6ifobdoRDnovLoNeFg6qmybkl46mjzbnxp8jeN9_pBfvlzfkqwemMmpOU7m08H7e1qqkmUq2AW9nCT8KxP4bchs1-TGB7wrslFAftrxFQkvZQ5fFZ1QQ9ZT-KtBkIwjAXx69DBuhM2Iz7UrcOcsgFIlT7tjIWlm6H7eAbW7Ys-_QG8

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame FB62 106 KB
37 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Origin: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame FB62 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:07:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FB62 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:39:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB62 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-uvGToppvJAFbKPez0BfZrC6-Vti97xqQAZSLgyJZSr6T56eRn0pX7CIjPlKgA5ro6P_8P1Ys4wEDc2F8iUHYVcShuPO9Rc3yqVSeZ4FpPNpLazA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame FB62
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

7ms
7ms

Image
image/gif

52.29.24.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 52.29.24.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-24-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Last-Modified: Mon, 22 Nov 2021 19:49:52 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FB62 2 KB
1 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:46:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB62 119 KB
36 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:49:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FB62 15 KB
6 KB 22ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:43:24 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 46F4 624 B
297 B 23ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWviu0qJ1eYhC97dshtlGfmN68y6nq7Qay0anKB5EkhVKBuqsc9-_P1MwBc7u9FwH0g9r98z5No_T6UBf1VW3b0shbdOV122pkmEnmmQLK5w3t5ELxvZt9p4ZadgUce5BNvJQmD-6hujqf4h85S3_s9jmHXvuT65ImvF62zku7dQMv3QkU

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 913D 106 KB
37 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Origin: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 913D 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:07:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 913D 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:39:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 913D 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cz8iw-ES-kIT8prcHOOTfgttJBh3_HsvbeXpt2L4GOAz90-uk0AnR8d5BDQY1pWqmKh8txB1FycnACCjQ1VSYJHQlexXXbvs9iTTq8zsBigawHMqg

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 913D
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

7ms
7ms

Image
image/gif

52.29.24.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 52.29.24.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-24-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Nov 2021 19:49:52 GMT
Last-Modified: Mon, 22 Nov 2021 19:49:52 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 913D 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:46:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 913D 119 KB
36 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:49:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 913D 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:43:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 913D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTK7PxyYKsSLJqCpY5d6Pa-2ld2PxatYHGXOcFDkBi3uveibMoHdXD59WpLaPejuSPNEvcdE1zL1WwKIn8KaR7xF6v0TQ
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 5E79 24 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUFbsqA6oEDPwcoAnEV4qSGnMEkKlM7ByDdXUN-5_6HdxUBXuETmleaJObe_GTqZiNPatGYhXQXtwmtgOf6EOS6JqWqBYfthLcmV86dch8-cJGMP32_uvFRmd7xWRAlsHbJsvdnQv7x4hN1P-WiyNkIM6aAA&cry=1&dbm_d=AKAmf-CXiIM9ppnH5U-V5zzhE92AabBX0qD4vk-PIx1En_ZsYGyPSfZiPnDCV-ts7MnwnIv-t4E_xIzviakx2yEMklDDhJJMW016EVt1M1RvICUaL4HoqqPCqjrtuLkAFhVTtKv2dmXm12q85rApW8l_Uz7zCk72t4wOIDx6arD_57v5rQOC-zAj3DzbPMijzrx6WSxvx2UqlREaOYOQhUZDv9fmNTEfQkppICpIDDnD1cWLWSNGKIhxCDLIrhq6z5eEltrj7opfb0iMuhB4s-EKeQawGasKUYYZ-B7HghrckfmP_bB-C99OH9F0qd9dKm52A9oWcYT4puPYg6DMRQ2PoJSn8NLAgA2pYdPdyI33as4mBgBeyE8Z9AG4DWr92jkbRTxv7vQF8010s-BX1hOnxAhTM9tt83Scwqwp7cKIvr5uU_9RWPAYwwbTsVIOHdWtlvEBAwK-D_BuPBHlYzF1iNVTId9gDrxThZ4v5LAuOicRlGHaEJgwixaW8oC-xgJs2eNcJD_y2EPTID6IL93CwTjbJiEnf8rdDalzXK6GdQRsD944r1UkHjLe0EBd3qNfx35RCOfxFcvG3cOKZnC7kbHzpf3AQDvBeRXzqm-NJD2NBklSB8XLYAivCaOw_xkewqYlT0gKgxvi6kg90DxH-lxmNiix93tQZrRRW102mfmMhXuGso3qJEj0n-YXdICOF5c46HbLtKWKf7Ro7HrLsl9vyjrv4hHOW3LFtNeneIG7k2FzlSyOyflZBCmU3zeVWT-CDlFbcPyJZKItGm36Bm-0icRb1Csb5iJV1Nber4MhQ6VEK9_kxD-4CGZc3dmPD-K8vNOvtaSuMUziqBRXSY1g0cq_9E3LkCWLk3gqvKcKvo55mJZnX_b1UkIv2m54g_8qMP2Wh-5Cw9Nqsr-E_BMnIPgOfwHXV-Whkrl0gzGTnvCxzFd6D9sKrvM8Kvp6e9q-N4whfPi-lAowPZwpnSG0rvEjSHEVcWWGU_84TfvkgyUbvIo5qqpv90qskZPgRhL4lQnI5EMMgysCe9Xt8Bx0iz1_frcElPwIcj2nSCpfLHRuyf-1zVOShmpPJeqk_s3KmWu42_fyo47JJD2xqz067EKUvlEQR7Q46a0Up2MBDG8RuFLMrTNd1IDgNyLK_BOpEr7QbW53MHgqbBsx535w80GPIqwtvTS7VDuL7KnYcmk0z7Dqefakn910jVmqnRJTvPEMlo_KKvikUY_nlsOyq0MqnXKjP__SVu0QfWP5-KHrrK3lTzwTsGxdtY_KtU7h-V8n-1_tYWB2uSiBKdAEiH3BSACsF7QNOQ71X3H1vGYXQnI7JtnMKcDk6sC2rVpKnL3vUtJ7QZT2DEEw_vt-RoOxlpeVdnbKWH6UeDwh229a2XK_iY_rjmWX2mxSE-G_z1DWztNjyVDNSEjSpf9uWmn0QuVQv0YmaqLCDsg8csuJRVYaCAIxLfNM85c3K7pWkUjgqll-K77ZYQFnC_PEPAuoX1exRqLFvO2gieUqBYWWwgUcPOCyDp-kJxe209hdu_JdUNoXxlg11upoeRGsajmy2nClAHxeZ19aKVmI_AyhceytkxNASSmHa0VC-f3LK3ZooHDZ_TYLNvbfZVYsrW1iIjpjacrabrCKL7jpc8KcD4sCRexH3SlhzRBW7pDjqbDVkY7FPKr8G5W1N6a4Mh-Uvqug1tmfVueGAK7NfW3pCbYPduGxFdZMK8fxWbbsMEgS7l6lv_ubpyvp-qm7on4x8s-zutkqKdnjFVFGcyT2tzDUbLIc4IeKpQuyOrQAePiR-YyzNyf-EwCb8TYMLz6HCo3kOHISjPAYKlOs0hIKQBcSKopfc5rpjGp2OVs_wPpBivvsImAbKQqTW8LOpPPOMB5UnlCnDlVsZd4_Fe_hqCL14FTDhBRiuF5XMvh0EJ2HBMQ3lP1ErYgH0tBNUXPz7CWr8ZkKJ26xXIlGLcuKBJTydM2VQGdh7os9e9x-Ubq68yQRXR-zVcaIfjM_hsLruqXtQp8z2Xmoi8yTGyAaj6hb01FSXsN9m4-JmPlr2Q_Tjt3JXtk-HX9TyeVgrI-S-mvO61PO0eazPArjhEeuaq7ZfFEKuW7lpuhDPTZTTXFy7_2EmGBnjc_1mFdwEJBev5iHWVN8RQz3S78U8NRl8r5SqF6RbjhQXELXhtznl4_AQzCjHpbwBKobRXgi6Og5q1aFN7eE8STXte9ThYZItY3MHy10FuJh4Qt0tU4hzDX7hYdUzB-KWEX3iBFHEmXy19-CVy-GDD5FnMrDcIgGikwemUhY8O2KvPreKWB4xChM2ut-1QTnHw8GS8snfWrscfVtlO3hnTHVmYRBOjXZow-fda6mFi8F4VyXGlvZP7VOSo1I2X16RynbOoq7P1QEZEKLhpTzujpHlzyL_zE6rTZOGdQGDoLNGAqaam0S1LIBPrvIinLAmZ8f48_HjwZMEm6cBEXOj8wPMDvfanIRj8KBfUIUUVhXr-YAimwmR3OPlMhI5G8gueYA-XZF3LB7v80meuz-UzxK_BSgYhBGKw1fBgGSmZa0QCu_WfbYYH_WdGI85GJ6urwXz2p68H69Bbm5jJzCu1crQykVzfMPUtP0k1FUO2Axs7sTSogWfpM5d5RIwiwZtbIVV-MgWC8NRODeFHzqNLeSoVmJ2_bHbiQnBMoxii0DfLW_aq_gdCv8Z7KwUOcBH1Vy-A20jQG18XbEldF5-iGYHntGfGqtcUY91Gca3zg_1vOShSV0ugU74F7-ipc4sYO0TbyPO37rDvRsvHcTPpOuXnbnEjWHE-dhBLUI0QWGHVJKt_CHOItO9iSz5rZMGO6tgdwk7WAORMhQj1SCbtYDBBLiJXwEtKg_xmLB3tOuJEmuVg-3iD1wwDbi_mxRHVOTkLYCcq3ww9S9ff4Sa-vWMPRGLRrPvfTgD_PkFfwD_vJ93YHiCkh9leuHewT9nYVhwEqaZMWlV9AEix5_zRtxEXL_Cb4iTApkQJE4v8xPoDCwbuTJXJUCS9Y_LcGmUDVQ55DF0r3wZ-TUDmtCerlHkhOIt_KrXrHjplFlUMkfXEAshNILPHF6eGWzffcrBLcEGYOQVRCjVM7H4o9_yoew2tQbPDoPaUKLltU6UN7kGIhJSWTz2olxmYJW_4rPxwCAfxG9nzvbkcFvImabrgwTilewz1kyWgCB0NjVFOAnVQjkOkttgyCFBoaBhYsnav8gS8pxg63x0Q&cid=CAASEuRoqXuXqHsAYEXQgmrNzA2jSA&rfl=1%2Chttps%253A%252F%252Fwww.controle.50emais.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:44:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E79 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2483 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CV2wNYNwWHJ_xAL0VCb_6ru0HHi72RIgX--aBbP_u3boTojqs_cmpyrYI7y6U41SeZqTfVXUYZu63YZxllTTwyRzeZt-gKk84CtgrJJe2miHpcaxFUUgTIshf1Op1WCDLxGQdvaUB7TfVHsuBSaSk77_RlQQ&cry=1&dbm_d=AKAmf-ApcLXt11Ov-thZZkt2q3lx14LN2QAGHjVRvAd-1xLAQovHVw4adlicPbCkiUbo9PJXI2d_o2xI3QPpHXQ5PGKru4kMgztgdN0VuVx87zXyhyMCO7sy-VSRnZ_iNqmhYC75VEPzntFTTgVFe6BTGOX8iv9bfY_uOD-z3WSocDSMKXArYQq4stXRAUzXqst7z1KYEd9Qp3AqzkPmmZ-V8o9vSHjBq1HhwQyl3XgOhfme2fRcQ-hp29MGe41aPSND5nvBlcGwuMYtffiRFgNEe2ZhihQTQ_jXqi803h8KG6mlntL1krg1QPVXI1Tb4qFKUnm87nJVZgrFBwZSBHujOtoNGVuR1qTQmyUsPSOoD9A8EZDIvX_sGsrnpHAhKM_no5pMKPiJTRmtJdfBcSdMN4o46rpBCIullG2BBV5n23FkSnJFmUHrJVjLS5bPVaYh8dk0qJMQ-RPXLWXJqfuIcveOAexo7fx3I8hTsywwKcTFZQSToMFlPOG9bRWhsM3eMph43kxz8Vz7bSY2DRJBIQFxnPgt0z1GMNwzVLd4Kjbxn3hH6K06q_8DvNBPtsEpQtHbA2bmYHw-58B3JCSibIyDniGA0pjb6nVBb7A9QYRifEHWiRWtbQ9DIbddarzVNOWyqvWmD7529-0rUjEyU-cJTFIHSi3dD8GEW-t31uy2VCRCJ8ZwOgsLXYBZI3bCeJ6Rwfq_-aq9JxP0GOs8BO93UXjldUoAuMKLTgnHo5e8Bfgoz333JwWw04HuZNk3QhDgC6fv2acCyC1rguFihDhU3UqexzrLatsVCwW3sFywQsxqJ3YalTrQP05sWUVx0jtFV_mreBH46UT78ZWiAlsbgESS7wPCzZMZhhXvV0hzlMWynFJKHIvL-S41YbuqeZeKRgRcNPG07-ZPNlNNQf982WpUsoINE34tmQRge372nDqqgT0XH3SkVLXud8d8XKKsJN4YfDieVgscSP-n5lVR8Syi2lr4_yo1gu1nZaqimJAcKKsbwdObpHgY2QmeNd9UlT3V-BgMgp2O2NfjhF7FBVOVjlZMpRuUMX8XCbUCDKEPbSfaiKIz0oD1KD2lkcYglY3jZdCDS6MsmmNTFstT7jNxRGRMRYdHGxnZzQydyeZ79h3lSsIGUC5OHexfiDPOZEJ6Qq7WOQTXYbmLBhvmuVzoNb4luJL8pWMcx2t_2J2hIO6hL7_Gghwbo6OlRmt5eD8kNba_9S8bm8f98o_TPasD1LINfRDqwGpUCC2-o_lewd_oE9IAV-vVU5uIWlLM5hq78mx1g7wQNHS0Tnw8og_LbC617Thugnkgfny1wEAK59Ch_3hc6hYgDyIF_g7mmz09ikpWodg7XF28AlheOS7G2f_taN0jmNSiA9SgNHnBcrcUCgHUXyuD8Wl6ZohJooT5rLE8yqP71lMFRGuohWQe0e6m0zYicwdvvzKOIGRgNW1O9oQPENMlAh74nW0ednrRECFialfakOcGt8qBV9Y5EBExoPFVzpQoMcYZHa8U7V52m6ZtJ-Ejw3ULG9CWoZSeasOdIL-eIf-LzdPHaaFZhrB85WHpDikWiK-En0p224DPrRyhP7C80m6KTGwdUzlrsYfu7hbCol9pmZ1Vto_VUsi7a61NWdurd5cad3fygxlQU-QL55w9l5A2RDpd85SfOmFdhKG3JDu3v-9atPtD-Mz8k73h9UKoSIvojqSFUju1UducLebr7CMNCGgqWC9mCjVUuEXhV83rpZ79YOR_kpfRhjzi-lgxSHKxZfphlYLs-b19W8-qaiz5G_D26CJ0S3j1R-_8w2x8TA8uANHIJtLgjEiKO0Yfcd78fLYELmE7sX_Sm0AO3A7D9jAh1RWU1aNEOCN91a-x6SutF8g6Adlmvl4ojNw8NNpP6BMbVGFPGB1qi4wA36D4d4YpHYKqFDFpq0wWCLIUEufFzIHkJoDvdT2sE69z4Q6AcvJBYyDnC3v-8H4KJRe-64dRGksH7Asx0TW0bg5vpLHVt87JLm7ul0rDHiUho-cvjGujRqbl-RXVfGyaj5rUWfJ--xHgwK3CwFJMHYLjyUKXZKZcTNwgjdCk4-_4F-vJZXiKI2rkRJcGMlzKayqWj5F2p71FpliCyoERa_6k5jN7hkj0RkxtwXTJX40pMWqFnoB6vrjUSn6Tku-MAA3fohVKN2d7Mk6P7suHif6FLs37tkW1fjakD8VgYDy38lwGV3xVvVXC8lneXkoE8mlXzmoHB0LmqEPPNv52g8jia8-jdImWsuLyrPBDWZaB6tx6hbW36SP9RrRDMOVjAO_XgTa0QzfaUyzMYJje4UBCPV4JZdI9N-j1REFiCDhcZtxXdHZ0HVXRVCvxrWVUwlfbGZSCq4sCsHec4dT_y6_PEp7tAlIJ5aILLgRdII8N8lac2at4x5CgBNpRBg1YLf0dPEffnIKRbwEeuoCPfeXMdLF6ct-dP1Ul-rSI8Wp05g29a3c7xdj_8R3Tvolnc7OpUsoiWyP4Be8VISGYHexQ8zBhg7_DAJ1z3REeUoFy4aRxyP7AVZ1p5SUmbllVykRrNKJMamzsfVAgQcPN_yoRD9_yHSdBpVhf_cMKD80TRk3nd1QszmLvQjqajQQgES9EJWL0RbNviRdzoWvq7vAji_7in3s0rBJyDVObZbKpN7wVXbaLsA0cOSO2IDwoE-lx601LxxP-KE2th2nqFmp8dWtKjK3BQp7gc4edEqcom5StQ_0KZ5Zjx4V7ie_29czVaHGspAFi-PmlAvpGSMeA57WDOFwUkeZkp0YtRrVbL2WxB2kyzL5gwjKARuxY1NdqBNnUT6ld5hpCJQH5-3RlAE686tksq4NVKI84oYwUVv96gIcQ8bStfD8Et-Nx4sig7Kv1TIE9GPaSw2Cx47mIwp75mNOZSmP3SYaaeWV2VJkS4B_Pb3EeW1_N4YBIbMyLrqJXwWS40OuT5-1HlHX9MSAfohjpMAnGUaBguiCFWl5EUC77kmPVmz_3tWMiYz9pN2uUgQp6VAbKR62Dzg1z1swtzfzSXKeXP5Wp-YVxj7bRwgKlOMCBJUJVgFsKvq3LtH8-KjkOgc7Cmx0gIGz9WpfPYT-ENOHxn1Mne8majpw22rcXfmxx8fTqcj6q0fK1X9ml3VzH501cPRnFA5ZoS0kmME5CoaYKTc9mVP6KekUWNJYir1mokcmLwaVyldqrJusJMzK_mrmO01nW2zIBZ1YExX2YIe88mU70qzu2mT5FdfSrqsWyWN6sRzGIH3oY1OEEgbvY&cid=CAASEuRokSSWr3rd-bAu3aYJpdqRjQ&rfl=1%2Chttps%253A%252F%252Fwww.controle.50emais.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:44:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2483 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8AC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1

43 B
1014 B

89ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWkSjpDT4FBkG2yQ42VubmtftToq346aXllJ-xn_bblz3iTSZMcx5FflnlW0ccd_uFFisdTV-TPhxFtMP589A88HBIipHd7VU3InUr1NpPkTvwEWxuc4hOPXUGTMpJctuOJUKqpQj9qP_DThbIXTGfg7BG9WueL6EkudAjvNX9rA6njjAo
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 22 Nov 2021 19:49:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8AC5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YMrO2EkNM3gfnnqPggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

29ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWkSjpDT4FBkG2yQ42VubmtftToq346aXllJ-xn_bblz3iTSZMcx5FflnlW0ccd_uFFisdTV-TPhxFtMP589A88HBIipHd7VU3InUr1NpPkTvwEWxuc4hOPXUGTMpJctuOJUKqpQj9qP_DThbIXTGfg7BG9WueL6EkudAjvNX9rA6njjAo
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8AC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

43 B
1 KB

62ms
60ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWkSjpDT4FBkG2yQ42VubmtftToq346aXllJ-xn_bblz3iTSZMcx5FflnlW0ccd_uFFisdTV-TPhxFtMP589A88HBIipHd7VU3InUr1NpPkTvwEWxuc4hOPXUGTMpJctuOJUKqpQj9qP_DThbIXTGfg7BG9WueL6EkudAjvNX9rA6njjAo

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e3bcb629-3d5e-4ea2-8a39-6ec46d8afeb4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AC5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7ec58c50-bffd-4f44-aee1-9347734ebfc2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DA6A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1

43 B
1014 B

126ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNUWNDDXIAC3PReWm5NvlXweHzdbn0BfT0D5PU-5kFv-RD0jzBt9eHeI2kVYbhccuHz82f5tM2l42DcC0n4yPpNYcSHw-k_iEeKXHX94MnmwIj_uFKqXWzR-i1tXlEk27W6By1NMYExUtGVBZjvi8_K0W02BNqh_CWpP2Uk7xHcpidBO46o
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 22 Nov 2021 19:49:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DA6A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YMrO2EkNM3gfnnqPggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

39ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNUWNDDXIAC3PReWm5NvlXweHzdbn0BfT0D5PU-5kFv-RD0jzBt9eHeI2kVYbhccuHz82f5tM2l42DcC0n4yPpNYcSHw-k_iEeKXHX94MnmwIj_uFKqXWzR-i1tXlEk27W6By1NMYExUtGVBZjvi8_K0W02BNqh_CWpP2Uk7xHcpidBO46o
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DA6A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

43 B
1 KB

20ms
19ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNUWNDDXIAC3PReWm5NvlXweHzdbn0BfT0D5PU-5kFv-RD0jzBt9eHeI2kVYbhccuHz82f5tM2l42DcC0n4yPpNYcSHw-k_iEeKXHX94MnmwIj_uFKqXWzR-i1tXlEk27W6By1NMYExUtGVBZjvi8_K0W02BNqh_CWpP2Uk7xHcpidBO46o

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ed8154df-bada-49c9-abd9-005b8a4f9baf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA6A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 89ea60f0-ffe0-4cbe-83f7-d6cf016108ea
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8992165578446582788/ Frame F2EF 36 KB
5 KB 28ms
11ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9102f36135678780622763537404f2b48985533988d21b75296da0b9a4fbedf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Tue, 16 Nov 2021 11:19:57 GMT
expires: Wed, 16 Nov 2022 11:19:57 GMT
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 5537
age: 548995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B517 0
571 B 106ms
54ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2EGahI5xtFXuZtANZPQvukoAI0Q3DL8m2QQ7uEGTxnsu61N-Gs24VrQz4lJiMBMIxVCZ_wiXT6SVITTRQHwui2ycf9s1b9YUYyinI1gr3n-W9Qjtfo9RccAXm8O-qv4kt_j-9DXbiKQnYdEtIRBnZ81gGEUdjkBMMvaDd4R76ZSxjRVzUDlsRY2NUiS_HAUoPnr4quaadOfGJ4HGEO4yQv-pbv8TUWld0o5EMOvIetolysHt_FCDFWfFKAJYKYZS74N7iu9v-FNacndvX1B1d7SBEwoSNipl1CyIL6pd5jxWKn_c9LShZjQvIKwGrd5EfUsrmVkVYXsY_a507GxN8R3nN5JhpmCisajNrIaIxP8WFm6n--sa7LC1HtBIG61Zhn1FiinB1z3x1Nkakv2NdrhPBsHwcmdFnGVgdjBO1O9ccBASscznsnACY3u4A4Vj8i2FVPyVB5hrgOF35aRMYPyGveQLNoW3Z7APpS-KAFvV7SoWDy18yZQcXAL3dY1GYmiyee44LLCL-bXu3ho5pnz7L49iOhsrVPr4OFHeOKizgqhKTQ5L3mPMPxgjTXiBQ6ak_sijJvKY542ZwEGOOux41bdrNn-ShD2gZH5DEbhBNEbSwX-WsXpIDYyt7RFYRHYOtOeqntEBcMHS3T5tx4mubQ3TD541oW9e70rbZO4ZzsK3yWE57CnCp-qyVxZop8mkzkixuP0OuxnYMKdcQWthLlJZhnezY1_BPg2XfF7-e8dvbSfo33kgbG1YB90d_jl2nSPkfV9Tp8sZWH3XWYxFrdl1Cx7e7QpHLJ8-fmzM2m9PCNLsVUodHf1UH5F8T6T3PTwr-mgEeAVj5Famda6PdJtrZrFaH37g3n1qT2KKM750auqRfqKMcT0XVwTZx0iYdpNw1nACY1fxEQdylKGKqcT59JtQ_N0wXZV9rCBLrUMgEwbedRr4rWf0-UHUeiXUEKz9ZmviezoBps9wCvyg6ILHew20CWJxwrOgT2RjX82LLkuVBDxQEr_uD9AqHKF1F3MtnV5Vhsh-7WyicQd0uH449jVEmVq2D4D4J0V_ApYTCFg68LtAR-8ICu_YMCf-W9NUXrcg_W96Gsit59Z5vOxdRXQyQdNrmKyUeEEcJrkPj2dqNDRqI0jWBLPxygAHx92rpUN-eDqggBAY95cM82hWYJJuCgHFiJ6omSLExWSnoEvEkzoIQJY8KELQsNq-vgwih_A&sai=AMfl-YQq9ZUVJB6wJuUNwI9i6IqFCzDQmjrQooBrFU8Oy3lBU23b1GZCBR2uPDIK-qjffLDw_kdgoP25ytLcW-b-NtVKYrzsyCJK7ZPuv-b5Yp8G5xWA-V9cskUhf-SEOgRAAgYsmMCcEEUCa91dSRrPD5p9jS7mjGD4bEUHrJk-xnNGxrg5g0WgL0F0dBgu0g10H34Brrqo8jwg-41ewW8QqoSotRFS3rBVnuSs6agpDhvJ4UIwzaBVmGXDj3zLYD4k-MDuxLleX-h2UwRJ2IDsKxYdTz6RLBTqvhlEgzqJpqXG&sig=Cg0ArKJSzJQ3UkFvwMNCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=141&cisv=r20211111.47255&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 19:49:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4977
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1

43 B
1014 B

131ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVA30ct49jp7sblJINHDDpEu9x1aFmMg2ZMfB8QftGBP15Xkv06BjaYwRVjdGn5KLchvwLC8OJB7o0ylncLUyL-QhDJpIxxonNXe3nYV-zgz3JmHZm0XZaTdRHM2CMd-uebbPIzUO9gF9tF4D1csX7IyBwVfFAlXy98nAiKhOwAfEjiJtA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 22 Nov 2021 19:49:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4977
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YMrO2EkNM3gfnnqPggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

99ms
99ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVA30ct49jp7sblJINHDDpEu9x1aFmMg2ZMfB8QftGBP15Xkv06BjaYwRVjdGn5KLchvwLC8OJB7o0ylncLUyL-QhDJpIxxonNXe3nYV-zgz3JmHZm0XZaTdRHM2CMd-uebbPIzUO9gF9tF4D1csX7IyBwVfFAlXy98nAiKhOwAfEjiJtA
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4977
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

43 B
1 KB

15ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVA30ct49jp7sblJINHDDpEu9x1aFmMg2ZMfB8QftGBP15Xkv06BjaYwRVjdGn5KLchvwLC8OJB7o0ylncLUyL-QhDJpIxxonNXe3nYV-zgz3JmHZm0XZaTdRHM2CMd-uebbPIzUO9gF9tF4D1csX7IyBwVfFAlXy98nAiKhOwAfEjiJtA

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c558f387-8309-4f01-a607-66be4620f9f5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFoIll3opPBPgSpX5ldyg14&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4977
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 89a23c7f-771a-4e53-be07-ac2e807f9cc1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1538801963696034685/ Frame C35F 38 KB
6 KB 18ms
8ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c17e69d4ac6e92bf62a3b13c142c711163523491aa06e3e5ebbd71f10e14a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Wed, 17 Nov 2021 20:32:38 GMT
expires: Thu, 17 Nov 2022 20:32:38 GMT
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 5783
age: 429434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DE7 0
61 B 101ms
56ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhcSvl441JL4oDHpHmzWo13-RUC-NKNoPQ3_9JST6nDOhY2dBRigzurayOQr-RHMYjb46wSNKWokFEhHYUhN0s2BtMBOzA-UhZiKFyDcZZd3fk_ZEUs4wpehtdfxRRyITYSpI0UuOCaybS1nCBT86QYItwnUV5-VzGedZYaXEGo7Xcy9Mn-0RQJAMGNB2EKjR7sEBIFzxCMw4HtZwoy-rxiC23x5ct3xbB9HJYt_fWJn2Spe0ZrISyT2Xn-PgR0aOeK6k4XiVK4h4QHRhapjh-avUUdAm-H0uBvqSrILSH0jTtLpyhkfHlffIqOr94zFg2i1jUsg9r8kUHZaCszZr7T2UEiSF9MA7VQobhBde3EefePsFFkVEgOvvyve1vZ9pW8S-nEget3c0VRZBuG2RI9PYgE-ipdTp-buQS6-LGBEZdY8AGpzwuU0pQtmWh1Kk7qD2HOVtu4EoO2BTG8O_lKYub7-X3Bl6HoGmbkNCeDtW_TC9jgchZV-OReEsMWkRLVJo-MLy1f743X24jTUqkl6BngpGF61yB2bXgbI7pcKT_zQ6m4c4OOrY4YFhb8xjyfQkSCuYc8BpxqsSSgOgtcjqgcO4IS03vzeZV4_GqlU5JvZEJ6jRoQBh4oVKzpEaZ82cgNTt9ON_PBD83J2BhN6qLBw5x_rO34s7jA8QYkhO4gPJQKOGh14Cf7U1eckvvU69mHdv0H4qapQPSLkcXk6j1W2r9xiZBJq2VfgcNsLmMYtxNhukqvrCSYW5XV6pTVArHoydFhLy9zLSbTkO87xDeo_7YH4UReioTS-AvLbPYxwBuSocnSrmy4gmIPzwULCZiSZBj3M-C1WJLuVpPAWS2L8sStZ31cPJsllas4n7ssutZiZydGgywW9IxmO6tAjw1tu7Yhu5SUI9k1zX4bS4NyDVrl7lAEuaiy7G3CnRsALZ4z5JJcGdelLlU4WnivsULHAN22Lrxcvr6hElgeMJFHzlbaWHNpwnd_bfZQ4pKjQyzxp7nkIp1pLdLi_mbrH2PDZcKZmc2GXHArpS3jzzNdYJV4OO09izqzVec4P3_HKRVSiYRfB7-kcS8DlByLhhpGKTmJcm5mc3YwxYISLHobaQK_gahJ_Eco6bczS0v__PNnymZbbwd3Y2U7j6dofMKNDZpGcVlcfySTqH7MubjGRvXjT22RLWEZi4-Gb6EMqyTk-wu_W7CiRGDG2HST916hu0iVw&sai=AMfl-YS4Lz8_E_J5bmLiE5MjV4RrwLBsw2yYN5l5dbEPPJi-oaON1OFqRvk0sxtk_DaRtSxzFkFasqoXPxvkV-8X9Sg_EOUK4UTmuoMQGk-8myEXwO9zUW-cpT5rmH2WJJc7cer2T2Rfi8S4ttGAg2JX2hw4bLNAvAKurlwEwmBL-TafcpNJrZ1hkr8GfojIIn5aF-fDGHNiWkmI96EZV9o95XKyFxyTMOK_dFnw4XxDdynIH9HZhftjgqky8k3k0tUHm8iyG-WRoh2AQrvbQB7eat3-eWWqAcV_bqb54pDtJeBC&sig=Cg0ArKJSzIFy9kgNGx-lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=118&cbvp=1&cstd=116&cisv=r20211111.86508&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 19:49:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8992165578446582788/ Frame 3AA6 36 KB
5 KB 15ms
9ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9102f36135678780622763537404f2b48985533988d21b75296da0b9a4fbedf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Tue, 16 Nov 2021 11:19:57 GMT
expires: Wed, 16 Nov 2022 11:19:57 GMT
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 5537
age: 548995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FB62 0
61 B 96ms
54ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssN9UcFu1y2jPh84tSpvZJa8Xv7zAzqkqSqLzYLm0HXdsaMxPa6WXXONgpsXo86UVAYH5IBAze_rnjOHJGHeJNxeMlYUCr5KhKD0NZLYFb3M92c25RgFI0_UfgUzvlXwpNk46REDqFJAqeOgW5DllzfhxKLLiDla91z8LKq3s21QOfj8_xcB3VI9BLAJ9v2NKW5Qr-tdEqaHbtAPgrJ_aRna7w4td3i810JYAgQtAZs43mnAsm1IBvkpGbLB8Tx3n1EOhuS4NDcMQ-fOpmhvp8eGC23NARGHsoAc0t0scBLmx1DyZpv6W4i8nSSPs6U8n7Wj_Kb6hwvgXBy-nNwvDcUxG7xX8WRfpmfLFhZlbIMDxV1_hwuSOsr5oZYO2p4Y7pYe_IFdsjTsrseFpwsVejcO3yC5T-i6Uk5Dt_QxyGW7riLZcRlU98OJSL0K27DuAFB2jFlOcXo-L6iJeKbGGl-de2FR1mUdsWG74whN4tZ1dKm806qwsPx08Wl3NzFDzglbqUIfUi6bKrlECgnz_BbOdBb7vcgEOdLIC_00wdfAX9TqvP6kl5Zrs1CnZpI6jU2qHV1ewKsGE014PezqkxP5wEILM6KyaNgtL7WygjsbuvE1EfhjXHHFSdKTn1XXmSC3JkMUhupENBAujHQY0TJL-Vl_1Zqt20Icz8AY6Xn5SRMY65XVDK__ov9n3IWiGrxa6ghAD5hYCw1StBfGwzwL1fux98-9blkBPdz-izDg7euoDG_idbBRCVKaI1cc_-Iiudk7ctDMAhGpdcIO3ik1acC2_LqMGsdxpgBX92rKk_OL9SHlgbqXkoERtaH7cqpslZ4KheAecGGBcrQ96WIX6t6N7_82d6-OZRBUF_LkiuForc3I1VyAOvdglM72XCRg50WKXaRLlL4Nwngy4-p98yU6IBdb7ZGFEVDWNAPRilHz29amUSmNTsXp6euSUsfYDV_nG0SC86VK-BDW7O1ErLR0KxYgNDFj9oz38O16PAB0SbQvDVa8_oN-YNfexjwBEzNEHkNsiX9z378SMXHgd6gC1hu9J2ZPodYejXZGp3clVMtRWsLRiT3aASA-jzng2HvjSejjhQjZbmjFWJuJOWpiHMSbU0piajVBdNB2g83F9zVkNpgnNfc9zwFM6-o--3zw666_rAbZ77WOM-pxngZto8exe57d5DAQPQySlpIR1KQzF_QRZL0wBEkKjDZf_LqqA_Q58LfMNQ&sai=AMfl-YTgH-PUmV8GXE9IkQyj7vP-AfceIJ91IK-kZI4-mURBSbvkOViXZ6XQsrzoQT6q0Ig-ZScbz819k45joLvGjyVaPC_H4kM7f46YoPCoWb2vi2upsbnVNwxyojbwmui5sa8kCsvIR9So2Z21oo-HDdwVzSlRskXpRH4O-T4aB0k1qfv6Tp4fGiRszUjfq6WKFrsFfbdTUOxbkMEvS6K8d7h8Bpxeo4Bctnf7CoQfGADtf3ULDBtq_d8cQM8fsW3FpO3pxmt5INoEJvNHQ5G2yNE0DJ8FmnG4JRz9iiFyx1MP&sig=Cg0ArKJSzLEbhi-s1HaJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=111&cbvp=1&cstd=110&cisv=r20211111.92082&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 19:49:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 847C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1

43 B
1014 B

111ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVrJmxATAB&v=APEucNWJYDQl4COurMWZG8FWKi4sy-easONDN1g6sZQEQBtjwlsLWCAuxeu0mbblA5TfI6APFXf-7zq1mrH7nE80R7DfvdqC09N-lGYYLs4vpt6hlnY4KJ34fhad9i2afdzmygKfuP4CLqYr4aEMzAUcyGgh9A2h3CneXPv5jKitVo5u8PUccb4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 847C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPhwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

42ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVrJmxATAB&v=APEucNWJYDQl4COurMWZG8FWKi4sy-easONDN1g6sZQEQBtjwlsLWCAuxeu0mbblA5TfI6APFXf-7zq1mrH7nE80R7DfvdqC09N-lGYYLs4vpt6hlnY4KJ34fhad9i2afdzmygKfuP4CLqYr4aEMzAUcyGgh9A2h3CneXPv5jKitVo5u8PUccb4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 847C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

43 B
1 KB

40ms
24ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiVrJmxATAB&v=APEucNWJYDQl4COurMWZG8FWKi4sy-easONDN1g6sZQEQBtjwlsLWCAuxeu0mbblA5TfI6APFXf-7zq1mrH7nE80R7DfvdqC09N-lGYYLs4vpt6hlnY4KJ34fhad9i2afdzmygKfuP4CLqYr4aEMzAUcyGgh9A2h3CneXPv5jKitVo5u8PUccb4

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: feda4387-decf-41b4-b48e-68455543caa2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 847C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9c47d185-bc51-4d1a-99c1-eac8634278d9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 08A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1

43 B
1014 B

106ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWxX6ifobdoRDnovLoNeFg6qmybkl46mjzbnxp8jeN9_pBfvlzfkqwemMmpOU7m08H7e1qqkmUq2AW9nCT8KxP4bchs1-TGB7wrslFAftrxFQkvZQ5fFZ1QQ9ZT-KtBkIwjAXx69DBuhM2Iz7UrcOcsgFIlT7tjIWlm6H7eAbW7Ys-_QG8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 08A2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

58ms
58ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWxX6ifobdoRDnovLoNeFg6qmybkl46mjzbnxp8jeN9_pBfvlzfkqwemMmpOU7m08H7e1qqkmUq2AW9nCT8KxP4bchs1-TGB7wrslFAftrxFQkvZQ5fFZ1QQ9ZT-KtBkIwjAXx69DBuhM2Iz7UrcOcsgFIlT7tjIWlm6H7eAbW7Ys-_QG8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 08A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

43 B
1 KB

25ms
8ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWxX6ifobdoRDnovLoNeFg6qmybkl46mjzbnxp8jeN9_pBfvlzfkqwemMmpOU7m08H7e1qqkmUq2AW9nCT8KxP4bchs1-TGB7wrslFAftrxFQkvZQ5fFZ1QQ9ZT-KtBkIwjAXx69DBuhM2Iz7UrcOcsgFIlT7tjIWlm6H7eAbW7Ys-_QG8

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2241ace1-05c6-4d02-ae4f-5f60ea425207
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08A2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e7f6f0fa-a4d2-4bd3-b4ee-719df619b224
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8992165578446582788/ Frame 5BD3 36 KB
5 KB 11ms
11ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9102f36135678780622763537404f2b48985533988d21b75296da0b9a4fbedf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Tue, 16 Nov 2021 11:19:57 GMT
expires: Wed, 16 Nov 2022 11:19:57 GMT
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 5537
age: 548995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 913D 0
61 B 90ms
55ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLN7mBku2b-aLrLJd-KNrRpZiAf56bLpPT4IAxPaSAjTHIdACRIzcDbd4yDP5TxECtNGtn4uIGHUb3XzUrVkH6aQU21mJS23EGTszAHGs6b013q7ufKJym6lrRw72yaZFxVs4j4nvrk6KVO51b7luyCPfOF1_IRb3x1ubq5gE_CrwQS--hg8DR4sH-6K_vMIQVA0ry-m0bK7LHKdnX3WGUw_QEOs7z6pFngt5lDV1H-bZHMKLzE2kw9a-_1UMPttHiRGWKJgp5pSIXx_sv370_gWXfaZhjzQwNup9SK0mFE4cn2LtjSa3qC7x_xmXcrLjoiaDHdL_ka-RAfh1e-Md3t15QD8uWvtQ_a9BNH24myj1BGW1Dguj3OfsByr2DhHK967bwMUImaSGjmp9XwGndjpscahAw0Gj2DtBESyxe-RuiRuhTkSI1bI3SjcF4Cj7OR9uxKyZjfqHM5Z7Ek82iZel69lKe9_PeUaJc_skXrb4QaVALfD-VaFKp1wa_kzh0ZP812x4ECHzCOAtK3vmWNRsvNPApfrzfTcXMPZjGxodIdijvpw3ZEASi1vjYiC-THQzZhJqLkd646ZpDRtRf1R9-fyqdRncEuZzqy3sw1sw2NzO9nxqSRDkhCj_paQ8sgQmLu0DvRnRS14L919PWUFAHCJJ1n_dIUHuy8YPTQ7syLk8yXa0MlURypoeNePqNwau6LpR5jg2_fapDHIFqL_yeuefby45WVP8dBB462PtFYx9_er95rm32904OFbyUU7RZX8869N9j_FJslCrwPfOgopsWPnaoTlTRdpgmZ1Ai3j_9F-nPsddGGKSGrLhzKIbx0gIln8oE2IqfZBEN4TSUCXur0EQ9ZE7irDr_GSxVUXNxu1Cj-TndS1fbmIzNpmhl5ZRoqOT8Bh4yKdiXS-R_G54GOw1Ae6-HMujyRVuL8o61asrpvN6KC7L8R-R1VhRrLV0TfsWUN4YV_i0cuMbis6KHHp9L_mW_zc4oGCdquh5qKQM-j2iVtypN75DSWJFWhoIetOkF2NbBp9l2aCBfot9npTdUch3W1j8w6WKjCjmL_ezW4Qzi2EXStpsO5RNb50lUqk2D9ZXe7HPGjvpQdBdBNFRmfyVbAc22sK1JlGQQVZ1VdSNEiQVLz5E4y-lSjmOzog2cMW5he2r1Il4gQbFzDMtFb1_p3ZNAnEu_0qQjsuLIeD8XyF0atOgi_W2QnWmIFGuXSR8&sai=AMfl-YT7Lnyf276RGPa4vEZ1Oki8APNepc9sT-JqO5wV0qpuCLr6CPCFf75aKHVhiBzRWsIq06er5f7cJFD8JvkoBLsHOAgpUNsPPajFZAOWpWdh62DtybI3e2isw6C4qfNzEqTpk7GL8yDlj4itAKlrQE0VNDGiM25EegCG4tm_JGwM6o5616kjewbpH-xHdz9Ql2GLaQXbt6b9xumYR20HH4wJklI46-Ac2-_AHsfCCpLH3mbjsRAIvkB4YBd7OM4JeRK9sfvf1lauaZecXX1MtXyedtc8qe-5RlD6cfQMwsB_&sig=Cg0ArKJSzIR7i5jkpmP_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=96&cisv=r20211111.47222&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 22 Nov 2021 19:49:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 46F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1

43 B
1014 B

107ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWviu0qJ1eYhC97dshtlGfmN68y6nq7Qay0anKB5EkhVKBuqsc9-_P1MwBc7u9FwH0g9r98z5No_T6UBf1VW3b0shbdOV122pkmEnmmQLK5w3t5ELxvZt9p4ZadgUce5BNvJQmD-6hujqf4h85S3_s9jmHXvuT65ImvF62zku7dQMv3QkU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1G46YOktiCK-htwGZESew&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 46F4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPhwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

49ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWviu0qJ1eYhC97dshtlGfmN68y6nq7Qay0anKB5EkhVKBuqsc9-_P1MwBc7u9FwH0g9r98z5No_T6UBf1VW3b0shbdOV122pkmEnmmQLK5w3t5ELxvZt9p4ZadgUce5BNvJQmD-6hujqf4h85S3_s9jmHXvuT65ImvF62zku7dQMv3QkU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 46F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi6h5mxATAB&v=APEucNWviu0qJ1eYhC97dshtlGfmN68y6nq7Qay0anKB5EkhVKBuqsc9-_P1MwBc7u9FwH0g9r98z5No_T6UBf1VW3b0shbdOV122pkmEnmmQLK5w3t5ELxvZt9p4ZadgUce5BNvJQmD-6hujqf4h85S3_s9jmHXvuT65ImvF62zku7dQMv3QkU

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 45f8da27-e4f0-45f0-985f-d189fddc2734
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 46F4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 77e843b2-e4ea-4157-9bd4-644b0758a372
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DE7 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E313 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 13:26:12 GMT
expires: Tue, 23 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23020
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=3543708976642828025

86 B
692 B

14ms
14ms

Image
image/png

37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=3543708976642828025
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: HTTP/1.1
Server: 37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 86
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:52 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8d9c129c-9935-4205-87c7-40d0566a5489
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=3543708976642828025
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1DE7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd86a6cfd5c1f7083b0d8aa9a0a12064b37566c84b0c1810031452a39badfdcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B517 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B8D 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 13:26:12 GMT
expires: Tue, 23 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23020
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B517 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e673290a3bd09a1df4838e0d94a6c62ac0c6acefd697fa5e39338adc94b073d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A0F 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 22 Nov 2021 19:49:52 GMT
expires: Tue, 22 Nov 2022 19:49:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FB62 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 897F 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 13:26:12 GMT
expires: Tue, 23 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23021
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FB62 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 917471453fb98f07f2476f9dd4f125d08e935a7e1fcfd116f82a2a27310aa4c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 5E79 11 KB
4 KB 41ms
12ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1iq1X_SbYcvlN8OF7gOrybGgCbXN-YNX_Ni5q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPQBT9DAohe_XQs_LF1bF0nMF_n5sXTanRtmAzmgj_ppJfHOw1l9BldLZRiE3DVGcCmEn_U3IvTlLS5HbCLng-ewa6gE4R8J6mfzNaGV4aX4xPACncvnjR-j1aNK4tsHV39-NtaNCaqkI3zLqJpvt9_k9QSK6tyZvkVmJGUxi9dpgSy5WmzWXcwZ0jzgYR_cy2aKTnXLFv0eP1Kc14heHA6SnE_HXS4G1AwVuOny9GsKQ-P5AbXNMa47xIcHIRSGny1c7sMX65NqY8OBsolc6h02toVnA2HF8O1oKScMLGHspRt6zm0GqausJcjsqmS6uX1o1l2W78AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoqXuXqHsAYEXQgmrNzA2jSA%26sig%3DAOD64_2wQWlH35o3fYEtDiCnWYxroaBKHg%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CrK7fR_nd6OXuKEFDI8zJpESyyFl46vvv878jLp5tYStMH_ZPYbYYbJkt3uvF-80Erg4YLRcIbFMMZ_Wa1tJMeMH9aVGd-CJu4GvEhVmIz3bM6B9vpFxG1ODAi7GeVDrdSasayXo0jmIOPpINkoRpZQPyHCw%26cry%3D1%26dbm_d%3DAKAmf-DLlCuXfFZ4jDW12hOAboongVo4WPetiJgih8q6RGWIgWg2rTIwIEycBjwssICG5E8akfT_VcHmVHLzeajBYO9FuPxCkm1Wcf5bI_lBiMe_3U8d6tDdSWHX0RyuwXdxlamlqWR2YpIUDNYyDGRbWQsfnV7Q-BHUbAJHl_aaRD9srpvD8a7_crWcenR8Og--J5z5OeP7_XaMwo8VM-3YNQk0lgrPe7yHTR02PAVdvyZQE7URmdzDB3biHeR4QAmFOV35aiJpx5WTd3biwFAjrdbQQkavn1ZImAQanIIqV1z80R1wYWM4vDMt46c_LdF7uvG_gsCGknnL9rR7YK2kXyAST4_6ZecR7S4vfnMWCGYrVEPJJChNAqM2XYKJr4pDiCgXKIpSXMcviRlgQyYnAt7Q43NgzsCHKt1yU50UjGgxihXZVzTSNLdv8q2SLjykscD1NCMc173Ku9Q0n5E7bpMyEHDVvQ%26adurl%3D
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e4fca32f632269b1634c720aede25bf10ff36a64794412d1d57760518cf25b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3918
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 913D 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AFD2 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 13:26:12 GMT
expires: Tue, 23 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23021
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 913D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0024887ff709b8092e43d9a46c8ff02180dd472531776ecf71c2ec2a5016ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A574 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame 2483 11 KB
4 KB 34ms
12ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYyeeX_SbYc3lN8OF7gOrybGgCbXN-YNXzN65q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPsBT9CtMqyZlbhWV4KwSh68P6ploZ6R8Xc6sTrB43DWwQHQJjUzjWFVpMelPoPXUmNvaIQqjaQ18oFfe7uORFivkYmz5zeBo6xDw36s8KrX3XhJugwXJkMsBM2G0vTJ6RwY3LuICMqF5c66ciHkRLl2-NBJhcn6kpmiP1TiqSrUKwU4wMrkXq977sRADGaABqJ1a1Drj8V0Bta9o6zVTsE79PI74hyMZNseGmgoMkW8gl1rgUwqGmZmrZQpZYDdbvPhsHY1YKpzZMjl0lIBjuxsgw2JCaxa1oC-Bz6g2RoLUu9QMlobCEdHGD2ou0TveHrL3S8F233bVX31NEzABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRokSSWr3rd-bAu3aYJpdqRjQ%26sig%3DAOD64_2ENeXz3NPqkHRFU83lvO8MZU5dFA%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CEcNQGtW8T9tAUrjWLhSPAELBQx4LpUQI8mNyL-2G1GDatqca4ZFkFqlscmO48PTWTPGtzLs8J3TDWa_3NML0pOFZYgshLUU97FC8s_exYcU138E0Q65H3tH9KMJomIh61J9ccxUiTsylTs-j6WIbnE2M63A%26cry%3D1%26dbm_d%3DAKAmf-BF6c2oQisA2WcJfUdXXWNVeYQQ8xEbMObmqvPHEki4v5_DHTVH5WVoQePQ-DuARsszUqz6ueHC9Tvr6iClX2wl6ytKYo8zurAcoFW19bgqNfX0F0Kf7cCuHSGV-_qnHNbmFNwF_f1JYtn85d0jsVuCrwDQmhIHLE3hdjAXJ1-P-Xdtf79OG7X2XKrfpyU5260BpnyLW7IfXlPaTU8WIp9B8rbM2jwRLhwbE3zOIwPDEaJNOuol3JVylhduUiSjvTg0TNMXmtG9Y42hmH8li2Wv42eSziyzXBr1HB_U8tvdIfBZM8NHxktYJnNJP1lKyiH_gXIM4YLtFv1yzzTSk0uMaikLJkiQIppGCdoXtnPljAq1lCMwh2MqU3k1IdQhmxxZ--OG4aMQWYW5SaH1GyMLOlCqYMPEzpgGU1JwL6t8AeZBmxiXlrKF2QdiWmG_4KBRG3_w7rUu5lHSYwE6w3oHlkazKQ%26adurl%3D
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: fb98ba43800108636c3d06692f962000641263d9c0bbdc99ff954e6cef4df720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3930
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0AB5 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 77F8 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 676fb50419ef202deb5b93cc25f6b04c.js Show response
s0.2mdn.net/sadbundle/1538801963696034685/ Frame C35F 71 KB
18 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/676fb50419ef202deb5b93cc25f6b04c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38a73f03462fc87a808ef9264cbf32b7b4fda6cee89b5dbe292b5fd005e0ece3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18429
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:19:37 GMT

GET
H3 200 aa16cb581d143e080f8d01373c078e15.js Show response
s0.2mdn.net/sadbundle/8992165578446582788/ Frame 3AA6 64 KB
16 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21b40bcddb27c98e7b45526c7d07aeb091adbf8118fdb441d050b1f2275654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429374
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16804
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:33:39 GMT

GET
H3 200 aa16cb581d143e080f8d01373c078e15.js Show response
s0.2mdn.net/sadbundle/8992165578446582788/ Frame F2EF 64 KB
16 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21b40bcddb27c98e7b45526c7d07aeb091adbf8118fdb441d050b1f2275654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429374
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16804
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:33:39 GMT

GET
H3 200 aa16cb581d143e080f8d01373c078e15.js Show response
s0.2mdn.net/sadbundle/8992165578446582788/ Frame 5BD3 64 KB
16 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21b40bcddb27c98e7b45526c7d07aeb091adbf8118fdb441d050b1f2275654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429374
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16804
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:33:39 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ 0
75 B 104ms
17ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:52 GMT
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 51C1 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 5E79
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=50511bbf4b&subid=&uid=65bb2b0bc04727a2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=50511bbf4b&subid=&uid=65bb2b0bc04727a2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

101ms
79ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=50511bbf4b&subid=&uid=65bb2b0bc04727a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1iq1X_SbYcvlN8OF7gOrybGgCbXN-YNX_Ni5q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPQBT9DAohe_XQs_LF1bF0nMF_n5sXTanRtmAzmgj_ppJfHOw1l9BldLZRiE3DVGcCmEn_U3IvTlLS5HbCLng-ewa6gE4R8J6mfzNaGV4aX4xPACncvnjR-j1aNK4tsHV39-NtaNCaqkI3zLqJpvt9_k9QSK6tyZvkVmJGUxi9dpgSy5WmzWXcwZ0jzgYR_cy2aKTnXLFv0eP1Kc14heHA6SnE_HXS4G1AwVuOny9GsKQ-P5AbXNMa47xIcHIRSGny1c7sMX65NqY8OBsolc6h02toVnA2HF8O1oKScMLGHspRt6zm0GqausJcjsqmS6uX1o1l2W78AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoqXuXqHsAYEXQgmrNzA2jSA%26sig%3DAOD64_2wQWlH35o3fYEtDiCnWYxroaBKHg%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CrK7fR_nd6OXuKEFDI8zJpESyyFl46vvv878jLp5tYStMH_ZPYbYYbJkt3uvF-80Erg4YLRcIbFMMZ_Wa1tJMeMH9aVGd-CJu4GvEhVmIz3bM6B9vpFxG1ODAi7GeVDrdSasayXo0jmIOPpINkoRpZQPyHCw%26cry%3D1%26dbm_d%3DAKAmf-DLlCuXfFZ4jDW12hOAboongVo4WPetiJgih8q6RGWIgWg2rTIwIEycBjwssICG5E8akfT_VcHmVHLzeajBYO9FuPxCkm1Wcf5bI_lBiMe_3U8d6tDdSWHX0RyuwXdxlamlqWR2YpIUDNYyDGRbWQsfnV7Q-BHUbAJHl_aaRD9srpvD8a7_crWcenR8Og--J5z5OeP7_XaMwo8VM-3YNQk0lgrPe7yHTR02PAVdvyZQE7URmdzDB3biHeR4QAmFOV35aiJpx5WTd3biwFAjrdbQQkavn1ZImAQanIIqV1z80R1wYWM4vDMt46c_LdF7uvG_gsCGknnL9rR7YK2kXyAST4_6ZecR7S4vfnMWCGYrVEPJJChNAqM2XYKJr4pDiCgXKIpSXMcviRlgQyYnAt7Q43NgzsCHKt1yU50UjGgxihXZVzTSNLdv8q2SLjykscD1NCMc173Ku9Q0n5E7bpMyEHDVvQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9936501349065&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a34bdb9ef39dd11ec9a1c37d37c199306925c04cc4672ca47e4712d948d99528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 14541200197103000710612011786008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 892
Expires: Mon, 22 Nov 2021 19:49:53 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=50511bbf4b&subid=&uid=65bb2b0bc04727a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1iq1X_SbYcvlN8OF7gOrybGgCbXN-YNX_Ni5q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPQBT9DAohe_XQs_LF1bF0nMF_n5sXTanRtmAzmgj_ppJfHOw1l9BldLZRiE3DVGcCmEn_U3IvTlLS5HbCLng-ewa6gE4R8J6mfzNaGV4aX4xPACncvnjR-j1aNK4tsHV39-NtaNCaqkI3zLqJpvt9_k9QSK6tyZvkVmJGUxi9dpgSy5WmzWXcwZ0jzgYR_cy2aKTnXLFv0eP1Kc14heHA6SnE_HXS4G1AwVuOny9GsKQ-P5AbXNMa47xIcHIRSGny1c7sMX65NqY8OBsolc6h02toVnA2HF8O1oKScMLGHspRt6zm0GqausJcjsqmS6uX1o1l2W78AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoqXuXqHsAYEXQgmrNzA2jSA%26sig%3DAOD64_2wQWlH35o3fYEtDiCnWYxroaBKHg%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CrK7fR_nd6OXuKEFDI8zJpESyyFl46vvv878jLp5tYStMH_ZPYbYYbJkt3uvF-80Erg4YLRcIbFMMZ_Wa1tJMeMH9aVGd-CJu4GvEhVmIz3bM6B9vpFxG1ODAi7GeVDrdSasayXo0jmIOPpINkoRpZQPyHCw%26cry%3D1%26dbm_d%3DAKAmf-DLlCuXfFZ4jDW12hOAboongVo4WPetiJgih8q6RGWIgWg2rTIwIEycBjwssICG5E8akfT_VcHmVHLzeajBYO9FuPxCkm1Wcf5bI_lBiMe_3U8d6tDdSWHX0RyuwXdxlamlqWR2YpIUDNYyDGRbWQsfnV7Q-BHUbAJHl_aaRD9srpvD8a7_crWcenR8Og--J5z5OeP7_XaMwo8VM-3YNQk0lgrPe7yHTR02PAVdvyZQE7URmdzDB3biHeR4QAmFOV35aiJpx5WTd3biwFAjrdbQQkavn1ZImAQanIIqV1z80R1wYWM4vDMt46c_LdF7uvG_gsCGknnL9rR7YK2kXyAST4_6ZecR7S4vfnMWCGYrVEPJJChNAqM2XYKJr4pDiCgXKIpSXMcviRlgQyYnAt7Q43NgzsCHKt1yU50UjGgxihXZVzTSNLdv8q2SLjykscD1NCMc173Ku9Q0n5E7bpMyEHDVvQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9936501349065&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 22 Nov 2021 19:49:53 +0100

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EE06 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9AFE 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 14ef7e987abb903a5595699fadc5270b.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 7 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/14ef7e987abb903a5595699fadc5270b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b416bc79b634a401972368a5a6564c0c27605c64caeb416440272a3cc918b279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2090
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:31:01 GMT

GET
H3 200 4c2943653d0394b8e7cc4967e9549098.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 1 KB
603 B 8ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/4c2943653d0394b8e7cc4967e9549098.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

063622804a80a1943ccc527e1ec569997b9057525a1fef3a289c0d478140c092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 15:48:51 GMT

GET
H3 200 2be483cf8aed71cfb157d2bd503e88ed.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 750 B
468 B 9ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/2be483cf8aed71cfb157d2bd503e88ed.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336539a6a0d9739c251760f215e8519843b8e2c00e1fd3d08dfad302aa1820ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 439
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:38:43 GMT

GET
H3 200 1ccf7e6ad62a99daf57692dc0be5ec3d.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 5 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/1ccf7e6ad62a99daf57692dc0be5ec3d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357f773055a2de35c3e198af1d0ad35dc025dc8fc191e29c79e37d86db0851c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1687
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:24:04 GMT

GET
H3 200 eab840bc6ee1119a139b4f734d1fdb50.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 1 KB
500 B 11ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/eab840bc6ee1119a139b4f734d1fdb50.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 15:40:39 GMT

GET
H3 200 91a540c2e9d3e7fdcf82f0dbcf67ff79.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 4 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/91a540c2e9d3e7fdcf82f0dbcf67ff79.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7e56b6138acf8dbf5f5bda2ddad9e99436c0694291507b0cfd6b754a7a7617d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1524
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:10:25 GMT

GET
H3 200 4e556d550f2695d06b7cf16e16015af9.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 936 B
392 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/4e556d550f2695d06b7cf16e16015af9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482593
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:46:40 GMT

GET
H3 200 aeffd368ea82805a7668015469635fe7.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 668 B
416 B 14ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/aeffd368ea82805a7668015469635fe7.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44e9eb57753942da426e2bd96735269fff91ab4596e9242949037b1a7d2d498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 380
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 08:38:03 GMT

GET
H3 200 112ada8c29bc69b37db402b3f98c8d3e.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 285 B
249 B 13ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/112ada8c29bc69b37db402b3f98c8d3e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae6b882f0a53c53e1381de28e92959aa2c27d49ae801a8d2f7489934cef96baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 23:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334092
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 23:01:41 GMT

GET
H3 200 dd65d19974196a6ba920186e77c26f01.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 2 KB
1 KB 12ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/dd65d19974196a6ba920186e77c26f01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195ac7249e147ef6486617e755244f9272ff299b9da7f2123d368745bd035621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1008
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 20:00:23 GMT

GET
H3 200 81e10bebf1ae9c240772e2d942f62e3d.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 1 KB
633 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/81e10bebf1ae9c240772e2d942f62e3d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e0ada042a1632c2166e738bfcadc16b75afa484537f98895eeb72a7328b749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:50:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:50:30 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 8 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:27:40 GMT

GET
H3 200 8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 3 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:16:38 GMT

GET
H3 200 c9410573296197343526d286f178fcbc.jpg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 3 KB
3 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/c9410573296197343526d286f178fcbc.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97fa6802645b7673240fd33eab61c7e655fdb3e4550d61a39771c6375ac2b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:16:13 GMT
x-content-type-options: nosniff
age: 549220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3007
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:16:13 GMT

GET
H3 200 e4248f14dddf10d4fa110347305ad715.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 3 KB
1014 B 14ms
14ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/e4248f14dddf10d4fa110347305ad715.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d04d93508f8554bfeed7261187fe9a229b5d1552ac019fe9b344cb245761af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:57:45 GMT

GET
H3 200 8aab136e795eef8a306910b382197d5e.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 2 KB
760 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/8aab136e795eef8a306910b382197d5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce45f021bb37070d011ba312a6162f46e215ccd2c30990bac8f6175903e0c291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:21:07 GMT

GET
H3 200 e5d7081282acd417281531c186e82fcb.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 7 KB
2 KB 12ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/e5d7081282acd417281531c186e82fcb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5d25cf30eedb486007b7254d7c53c15e95dc8ef63d3750a2cfdcda93aa96ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 08:38:19 GMT

GET
H3 200 8390b93a9c186729ed2345d9fd812a5e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 1 KB
614 B 14ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8390b93a9c186729ed2345d9fd812a5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:09:37 GMT

GET
H3 200 00406f38b93716d1ef369f0caf0c221e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 750 B
477 B 18ms
16ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/00406f38b93716d1ef369f0caf0c221e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1953595a20737565fbdd8648632b281c3d70077e604eb840db547f12c35ba4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 438
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:33:42 GMT

GET
H3 200 3fa566ffb68e754e3f94735316239262.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 5 KB
2 KB 17ms
14ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/3fa566ffb68e754e3f94735316239262.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b40dfccd975298f1bbfdea08ce8e09da822b75ba8992f06da14122fe2de8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1651
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:43:48 GMT

GET
H3 200 eab840bc6ee1119a139b4f734d1fdb50.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 1 KB
510 B 15ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/eab840bc6ee1119a139b4f734d1fdb50.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:02:19 GMT

GET
H3 200 042381b4fa30b6ddeeb2d23f5ce90eed.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 4 KB
2 KB 18ms
15ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/042381b4fa30b6ddeeb2d23f5ce90eed.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

947360463dacd7a7758861266ccdc00693ca798845d88090d7a4ecf83c5adb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1665
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:10:38 GMT

GET
H3 200 4e556d550f2695d06b7cf16e16015af9.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 936 B
393 B 16ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/4e556d550f2695d06b7cf16e16015af9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:21:39 GMT

GET
H3 200 3791d5324d14b05b7391fb92387477a4.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 668 B
416 B 15ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/3791d5324d14b05b7391fb92387477a4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd3ac8cae2a5a56096ab98b83ed8154ec7ff769a7f21efa30328bb847fc4f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 377
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 16:03:45 GMT

GET
H3 200 7d68c4381ae482ed77e61485ba104ee1.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 286 B
257 B 25ms
23ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/7d68c4381ae482ed77e61485ba104ee1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bfaf828891a1fe33ce82ea5331b0c1381538486104a8740c309de4394254cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:28:01 GMT

GET
H3 200 dd65d19974196a6ba920186e77c26f01.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 2 KB
1 KB 24ms
22ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/dd65d19974196a6ba920186e77c26f01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195ac7249e147ef6486617e755244f9272ff299b9da7f2123d368745bd035621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1008
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 81e10bebf1ae9c240772e2d942f62e3d.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 1 KB
643 B 25ms
22ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/81e10bebf1ae9c240772e2d942f62e3d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e0ada042a1632c2166e738bfcadc16b75afa484537f98895eeb72a7328b749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549583
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:10:10 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 8 KB
2 KB 24ms
22ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:30:12 GMT

GET
H3 200 8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 3 KB
2 KB 24ms
21ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:34:30 GMT

GET
H3 200 24a25f4cdd6c1001cf856754fae49d3a.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 3 KB
3 KB 23ms
20ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/24a25f4cdd6c1001cf856754fae49d3a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0460ae3132ef7c64b455a236c91750039f638117a23e1fd37160013a665548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:07:29 GMT
x-content-type-options: nosniff
age: 463344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:07:29 GMT

GET
H3 200 e4248f14dddf10d4fa110347305ad715.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 3 KB
1014 B 21ms
19ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/e4248f14dddf10d4fa110347305ad715.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d04d93508f8554bfeed7261187fe9a229b5d1552ac019fe9b344cb245761af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 19:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 19:58:07 GMT

GET
H3 200 8aab136e795eef8a306910b382197d5e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 2 KB
761 B 22ms
20ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8aab136e795eef8a306910b382197d5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce45f021bb37070d011ba312a6162f46e215ccd2c30990bac8f6175903e0c291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:18:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ABF4 624 B
297 B 32ms
29ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjc_c27ATAB&v=APEucNXLH27n_afp2VUc_6LbMWwcjC4UqruTdzrNmxTX4eFTC6ObGLrUhbZhfBTQ728tju0CGMTo8pomE5qpJZ9vX6V1K35IP_jVNGJILm0xnDTcisZ6n8IOF_I7NC28Poj01mg9FDwPjwP5NPHwweB_tY7CpfCZlFyt7Y-hx-1_2ppomg4Oe0I

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:53 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1A0F 25 KB
14 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQ9u4BDa5vuh53IXbXQLhy7ojKhatCRg26uhXSyWxiY0rsR444HnGT3uSJ9vr9hU2QDd2nPE0OTU4r94mnms3k-c5G0WHasCubBaR6fEXVVz8_5gPIOaBHR9CkjhJF2mLYVEdWvITF_o0vjqyflehgTJZIrw&cry=1&dbm_d=AKAmf-D1r8Ouw0x5j18zHfehfQxvQPDFXu-fAY_POLHkghmKGlND65S2f0650r4Fkpc6E8STK6jdLkc-tMv2LP71JVuzXLDzq68DEw-SVCzg15PPz8A7SbhP4nss7WTX6uVxQrq2lqhvunmU1PPs7izHrsuo8LqqnIHSejQBGhDfO1JAAGhvcPoYULvYOJXlL1DfMsEQlm6hcbGxwXStdGXeVX-viSyFBkY3dAOsP20uhUqcbAkcLZtgL61D5Do5emS3nEC3r68Y8lRXVUCoCpp5-OMWEs2Q68ny31fxP8im7g52R1cNBLFBwkdABcAzD1H6I-S_nn8Lu7wYjeoToc1vpt28Len9AROv43s_Tx_IruXMSO9h5UY-dyqcrtFQfgz5tm78TAzxxGkPAZAIvG78K2cryBRZPBpaxxnDGBe0A5YdpZwWrOs8flbI8d-GIbscUVTdYQKsZv3U1ZZQ0tH5EmWydi-du4Wj8_iK_FCwd8jnv1EzNejydcOiE6v2w1TPrgJkIecve0wF0x7teea6s4n-1O2xA5RwCHHMRpOS6dsqEYz4LJhQ2gj9ry4LTWETucURXLpXzA-Fk5s26TGNErQGZDqXf2YPDTTe-P903mDRyBW9YLyRUFzFWZIaH2pAW0mdmRbU65--qahaj8bXA5hcKApMXzIKtO0Utr1eL8IcRlNznwojKuFkvMWbowOoQ0cJwcebFl8e4b9priZjG3koWcUetr3u0GvhDb0FE2HlmsN5l8gDVN4f-MP3TXuDHn-gqxy7iwHBdzmiHb6sRg6QwYSI50lj1OKbi1H_dygRn4dxUoZveO8jUF9T7f-WyvLSSgRsoFWCn2rxzZ5aWX5io0uejl1wqh1bxiO6L9x_YFmCR1GVMRKLy0orNgpjZ8zT-i3wjE3_Od1j7So4KD0hhoQiutn3BzSclsfbJufMN_Gw76b92Y8-7NK018T4ZQPGmIzK6GMkIrj0WOJnRCUrUtJs8AAPuWs5vYZXhbsQ98FGN25rtwWleC4uUpigLy3OFU3IEI2obR53DyGYlbUy5a7NFAJiR33LkP3mr4HDYZuVFmMCMZGvoPRiOrvxZjMBJNmCC71EZ1ZhpNJu97_qBlCiOG5VByCfUl9tm_np1GbmGYZiiLS4XkE16wCBjvI9onYCfQfdY-ke-AKV3Ax7EtodEzydWawlGwXCTyVMxz6GWgPceBehu9On2jLCYb7vfZpXBx522K-j2r0kg1ALdGgg2X-t2DxnBVYrdOjuwLGrn4BPsLb2AYuYcYTCbi1fZthCYNWBClb01DyQBeQz1tRrbow6HhyaUWjMenXIvY-PPpkqYi5wpPO2PgrUAM_RN9Y3TTAdxMKdEx1C97JowNzd-Ds2Ab3Ea9IqtY4O8LGn0mVqRlAD8bdpJuOyvrJ3wGZWEwSbK4O-HYObN50pC-ElxMhJ_kNlb9cbkxSZskMTCLCoW33zOhO0gK3rUyoy6r77nOMcW69zqia78rAPuEtEGEe9oi9q-6AT-WhP-WuEUgGdEwLxeSTDOhk4ilD3Mx3cOe9ukyAfNxUy5iakl_HfgY1GrOExI2mq944skoTpbEs4opcP7lHHx6rZ0jR7nYzgAj4yArB2rdfxjlD5TCoNySTAg1AXgxVd6Vto-Y15eL7ThHCMKq3qho0jdxYCe6JJZVDEbM-rqFkjcUvBTS3mi3qgbqMSxN_kPvUlWqeAXhcSndbWZx7U4WQGxJOauw3PVjoQQjfnhuTqtZIrQ1VDLUBEf2_vNzfW7gWt8fulnZYAxeoCTv1nRxaZYvUJB0l9Lq928zRfmNxS57a1FoJ0lkjEiHl_TFpSrT-GL_YpVFE5yn7QnBL3W-SgVds-1DIU2sM826Io8xkLV6IFX59SY0sMDEy3rr6f5K58-wr1q41D50j8pC1jxdXT8l9CFVWl1GcILIM6IY8eP9w8me8zr7ayanyskrNIqja31d_xNAMjRKV35ubh58xu3tDNpJbkp_ZQKAnbAxYPj7vIdc1Y7ENnq1scWBXbaY7JDytkox__vLmTGQzdEQHdEebnlH2A91q2x6A7rM02eSmyptAvpzGWuR3w1sR4jY2mX0oTlFLnJ-6G-IWmEXIl24XYeVeBWQY8MiF_fn7ydmE5GLESqdsy79R5DdmllqkQaYsnyXrKIYl5QkWzGrBQ-LjRC4DVj7TKesqk0LNvdCtXE3A4bRIfNaesvYgKUzu4hh5ISTpcxOrFv7c9Wwg8k_3CvxrHuBPZoMdBFwEowSzqyPgqGCMw89lR6nTqkVb4iBte5roKRnXorCdX9sik0LxiERU1dE4sXSczPHBQtKMx0w3L8XToV7aPvsBWv1xVMmCmlMk6tKxzuygK2SMQPvZ6FUbBzLiQfbQqRQIsKzreK3wkneGOmoxTmcQbYerD7OLiG6tZEdmfqmEViAzjjkcbeqj_ipZIH9hglCwiOi6kvNPW6bnJQqsAUrbSypNnxIMsnMSfcTWsD7tLwcGJwVdcMhG3wHDFx-w4oAzq6ok6BcYyYvYlSLpYylaCV34FQSB0rPZHO1PmEU2c5WymeCyomspFeDJZDSpKkHiBi6VUOsIMGHL8OBzsRFPRcGU5fZ4SxsGkeXUESfSOCdpLYJR9V0W_e0zdnGUL3WIlar-p2Ni6QIeY1dev8kXvksdFymyavIi5c-KNsUMHi64irIAcT0Z-JND44pbXqhZxwqrSSQuagKGySGpEwtc9ZfcWEOMxyU-qfGZgXN1N_nDfBzJyEgl1n4eW1oLrcALC3H5XYse_ZwrwNnSVYpZYomd1gnyFRvAQBHFPJS_DMXBqOMZlisiYQwBECzRqSro_xMLhsczq5O5Uiu4YYpzmthDu4f3Hm-e65OOFHQQgPBabO7midSigOEUi1CL18iepM9fCtCsO8v5pzZFoDJ9I-jBSlkc04xJtd6XMlICNs81OSYMGBd-iyjD1xW_iZNVk2uJxufo__7qfiRGorE-Gk_tfn2VJ_Fpcd5DtnTl_ryQV1Cl_DHmxBLen3I9obhC9mOnP1Ej9Co0aOLQOlFd57RX0D39NQhj0tjvVDTX_W3UumJGirIla-LqA_cEGVpoumnTOZoTqDwF44LJ_dgNZ6azOGKdySxLQWgZmGYvlLN2NYtRQFiYrKBUwRblREFXDX3WGzg5UgpPBt88N2Tkery8Y-rzn67zkpddiOrp5cpXRWwZ-VLmHmejSkmlU-xjMdWUworE89Kj0frh8b74P_2TJLviXAiA&cid=CAASEuRofMefjs_Xpyo5I3wNAhM8hg&rfl=1%2Chttps%253A%252F%252Fwww.controle.50emais.com.br%252F%240

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1be92f892dd16f6bbb87ffded50c104f15d2affd786e535b3a5769c5057026a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14797
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A0F 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQzRBOi_B6EQZIWb8aqEo4aHMq9Lk3-QQVs7HcYfgcLJSjXIAKnI9Q9eyfiyJOFJaaOzFCGUOb599KY8eZlA6O8fLWjCb22M7y45CO1u7nge75nPc

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 1A0F 32 KB
8 KB 53ms
9ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 1A0F 3 KB
2 KB 55ms
10ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCxnM9YPSbYeP7Ipm4gAeErLXYBLqxmL5mguizgYcP8C4QASD3lKwwYJWCi4KYB8gBCakChgILxDfosj6oAwGqBPoBT9Ao3T3TW1bdwEPU7EwdpylP0Y_YAG2umO0v94uaeG7iVRta8EcZvltyDvea5jdKFXMa5UmJ01DJcvdk0jKEwJnJBX5za-KoWmT1f3MR22ZJOjLswAasmk9bttKbEr6lij-iyEIgltue1pchqC9IayuGgA9M1_0XlhoF_gfB90zCKTOUqDzFZnO-StghvSqrkKyV9BAPjfKDC27ibO1ty0mQcnZ71R0Qavm1uAYKlc9nSBeV9WrQgwNXkJjIvdf0I0Yez0aPbC5Rf5vmNHHYMiIuGp4RC_h4l5ffayesUZuQMQJPSYoDpnzxMyCLGzjX_jWPRBxxuNwU-sAE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRofMefjs_Xpyo5I3wNAhM8hg%26sig%3DAOD64_0Ua3yTGQSmks4XAXJgBy0IZyC06A%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-B-l9e9MuA8Sd5dRW_iQlsUXg-7UCM6Zy7mhy7WEDA4IO01aNMNpM6UZJC3fqjOJUrVZtnnpbzQA7xPqFCxZu0L6nKZPFxfApISSMqdox53LE8HS7AVnBZR2eYAnpL7QlPDOt3urakTKI5IiVQtwYbu4xsgPQ%26cry%3D1%26dbm_d%3DAKAmf-DGjHu-oDUfHrNYP9G6lfoR1x85m8XFRjC9z9JtOrwWkLVY1zLB-oCQvVEKbqNUHRktwhKqbETAnDgAnIASG2HPRWPFBxQ03Oel0cklECCjVvT5t2HrdrJFkmSUs4Gm28DOo9h8BOTSh0KfvfdZKy2IE1w8xdKwhYGI-51xNift-31YwUklnR9BadbA4zLGcR5kGQnylW5Oa2MLhirgkoSldHqaSj0tC_LhIyPlkNHBUvB97cb5AdYg7GFdX1eewCbNokL3I3gRQF-ksj7cpNUF4Xowmj5pS-3FdEhmuiqy6D1pZLQ8BBXNE-DAIEEWwYUnRe9p8D4kd1-G9FIgd-QFIgs7fBNlOMuhzj6F2uMJD7c7bpxOde26M1JZpSX_25n9l5Fgs67oq4PzVs-rWFu4uiqzeUa-eX2sDvTp5vhDoLmPS7BOWTBtiwtdfRAMNLAMSgj23QqoKSiWmzl1r-IUqflfaA%26adurl%3D
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 25adf7ff32e58b0a5dc28cda288a035f54dfd63fc7600945b69dc160490649d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:49:53 +0100
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1A0F 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:46:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A0F 119 KB
36 KB 87ms
63ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Nov 2021 19:49:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1A0F 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:43:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1A0F 0
0 25ms
24ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoPwGp8w2iLTWnScJ1iz1yy1wXou5N5Kawn07LrY5oZYt6lcbbCZw6RFRESlr6bzSMjr_qrNlMhnexBMGjQyOILtwOpA
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 e5d7081282acd417281531c186e82fcb.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 7 KB
2 KB 17ms
17ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/e5d7081282acd417281531c186e82fcb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5d25cf30eedb486007b7254d7c53c15e95dc8ef63d3750a2cfdcda93aa96ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 08:38:19 GMT

GET
H3 200 8390b93a9c186729ed2345d9fd812a5e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 1 KB
614 B 17ms
17ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8390b93a9c186729ed2345d9fd812a5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:09:37 GMT

GET
H3 200 00406f38b93716d1ef369f0caf0c221e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 750 B
477 B 17ms
16ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/00406f38b93716d1ef369f0caf0c221e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1953595a20737565fbdd8648632b281c3d70077e604eb840db547f12c35ba4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 438
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:33:42 GMT

GET
H3 200 3fa566ffb68e754e3f94735316239262.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 5 KB
2 KB 19ms
16ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/3fa566ffb68e754e3f94735316239262.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b40dfccd975298f1bbfdea08ce8e09da822b75ba8992f06da14122fe2de8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1651
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:43:48 GMT

GET
H3 200 eab840bc6ee1119a139b4f734d1fdb50.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 1 KB
510 B 21ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/eab840bc6ee1119a139b4f734d1fdb50.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:02:19 GMT

GET
H3 200 042381b4fa30b6ddeeb2d23f5ce90eed.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 4 KB
2 KB 21ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/042381b4fa30b6ddeeb2d23f5ce90eed.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

947360463dacd7a7758861266ccdc00693ca798845d88090d7a4ecf83c5adb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1665
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:10:38 GMT

GET
H3 200 4e556d550f2695d06b7cf16e16015af9.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 936 B
393 B 21ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/4e556d550f2695d06b7cf16e16015af9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:21:39 GMT

GET
H3 200 3791d5324d14b05b7391fb92387477a4.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 668 B
416 B 21ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/3791d5324d14b05b7391fb92387477a4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd3ac8cae2a5a56096ab98b83ed8154ec7ff769a7f21efa30328bb847fc4f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 377
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 16:03:45 GMT

GET
H3 200 7d68c4381ae482ed77e61485ba104ee1.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 286 B
257 B 21ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/7d68c4381ae482ed77e61485ba104ee1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bfaf828891a1fe33ce82ea5331b0c1381538486104a8740c309de4394254cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:28:01 GMT

GET
H3 200 dd65d19974196a6ba920186e77c26f01.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 2 KB
1 KB 22ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/dd65d19974196a6ba920186e77c26f01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195ac7249e147ef6486617e755244f9272ff299b9da7f2123d368745bd035621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1008
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 81e10bebf1ae9c240772e2d942f62e3d.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 1 KB
643 B 22ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/81e10bebf1ae9c240772e2d942f62e3d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e0ada042a1632c2166e738bfcadc16b75afa484537f98895eeb72a7328b749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549583
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:10:10 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 8 KB
2 KB 22ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:30:12 GMT

GET
H3 200 8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 3 KB
2 KB 22ms
18ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:34:30 GMT

GET
H3 200 24a25f4cdd6c1001cf856754fae49d3a.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 3 KB
3 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/24a25f4cdd6c1001cf856754fae49d3a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0460ae3132ef7c64b455a236c91750039f638117a23e1fd37160013a665548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:07:29 GMT
x-content-type-options: nosniff
age: 463344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:07:29 GMT

GET
H3 200 e4248f14dddf10d4fa110347305ad715.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 3 KB
1014 B 23ms
19ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/e4248f14dddf10d4fa110347305ad715.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d04d93508f8554bfeed7261187fe9a229b5d1552ac019fe9b344cb245761af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 19:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 19:58:07 GMT

GET
H3 200 8aab136e795eef8a306910b382197d5e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 2 KB
761 B 24ms
20ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8aab136e795eef8a306910b382197d5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce45f021bb37070d011ba312a6162f46e215ccd2c30990bac8f6175903e0c291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:18:01 GMT

GET
H3 200 e5d7081282acd417281531c186e82fcb.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 7 KB
2 KB 25ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/e5d7081282acd417281531c186e82fcb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5d25cf30eedb486007b7254d7c53c15e95dc8ef63d3750a2cfdcda93aa96ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 08:38:19 GMT

GET
H3 200 8390b93a9c186729ed2345d9fd812a5e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 1 KB
614 B 26ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8390b93a9c186729ed2345d9fd812a5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:09:37 GMT

GET
H3 200 00406f38b93716d1ef369f0caf0c221e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 750 B
477 B 27ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/00406f38b93716d1ef369f0caf0c221e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1953595a20737565fbdd8648632b281c3d70077e604eb840db547f12c35ba4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 438
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:33:42 GMT

GET
H3 200 3fa566ffb68e754e3f94735316239262.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 5 KB
2 KB 28ms
11ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/3fa566ffb68e754e3f94735316239262.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b40dfccd975298f1bbfdea08ce8e09da822b75ba8992f06da14122fe2de8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1651
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:43:48 GMT

GET
H3 200 eab840bc6ee1119a139b4f734d1fdb50.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 1 KB
510 B 28ms
11ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/eab840bc6ee1119a139b4f734d1fdb50.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:02:19 GMT

GET
H3 200 042381b4fa30b6ddeeb2d23f5ce90eed.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 4 KB
2 KB 29ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/042381b4fa30b6ddeeb2d23f5ce90eed.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

947360463dacd7a7758861266ccdc00693ca798845d88090d7a4ecf83c5adb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1665
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:10:38 GMT

GET
H3 200 4e556d550f2695d06b7cf16e16015af9.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 936 B
393 B 29ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/4e556d550f2695d06b7cf16e16015af9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:21:39 GMT

GET
H3 200 3791d5324d14b05b7391fb92387477a4.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 668 B
416 B 29ms
12ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/3791d5324d14b05b7391fb92387477a4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd3ac8cae2a5a56096ab98b83ed8154ec7ff769a7f21efa30328bb847fc4f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 377
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 16:03:45 GMT

GET
H3 200 7d68c4381ae482ed77e61485ba104ee1.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 286 B
257 B 29ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/7d68c4381ae482ed77e61485ba104ee1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bfaf828891a1fe33ce82ea5331b0c1381538486104a8740c309de4394254cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:28:01 GMT

GET
H3 200 dd65d19974196a6ba920186e77c26f01.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 2 KB
1 KB 30ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/dd65d19974196a6ba920186e77c26f01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195ac7249e147ef6486617e755244f9272ff299b9da7f2123d368745bd035621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1008
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 81e10bebf1ae9c240772e2d942f62e3d.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 1 KB
643 B 30ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/81e10bebf1ae9c240772e2d942f62e3d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e0ada042a1632c2166e738bfcadc16b75afa484537f98895eeb72a7328b749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549583
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:10:10 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 8 KB
2 KB 30ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:30:12 GMT

GET
H3 200 8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 3 KB
2 KB 30ms
13ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 20:34:30 GMT

GET
H3 200 24a25f4cdd6c1001cf856754fae49d3a.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 3 KB
3 KB 30ms
14ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/24a25f4cdd6c1001cf856754fae49d3a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0460ae3132ef7c64b455a236c91750039f638117a23e1fd37160013a665548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:07:29 GMT
x-content-type-options: nosniff
age: 463344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:07:29 GMT

GET
H3 200 e4248f14dddf10d4fa110347305ad715.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 3 KB
1014 B 31ms
14ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/e4248f14dddf10d4fa110347305ad715.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d04d93508f8554bfeed7261187fe9a229b5d1552ac019fe9b344cb245761af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 19:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 19:58:07 GMT

GET
H3 200 8aab136e795eef8a306910b382197d5e.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 2 KB
761 B 31ms
15ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/8aab136e795eef8a306910b382197d5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce45f021bb37070d011ba312a6162f46e215ccd2c30990bac8f6175903e0c291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:18:01 GMT

GET
H/1.1 200
OK request.php Show response
hal90001.redintelligence.net/ Frame 2483 2 KB
1 KB 118ms
76ms Script
application/x-javascript 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d48e3b6c84&subid=&uid=6d836bec22a1f4ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYyeeX_SbYc3lN8OF7gOrybGgCbXN-YNXzN65q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPsBT9CtMqyZlbhWV4KwSh68P6ploZ6R8Xc6sTrB43DWwQHQJjUzjWFVpMelPoPXUmNvaIQqjaQ18oFfe7uORFivkYmz5zeBo6xDw36s8KrX3XhJugwXJkMsBM2G0vTJ6RwY3LuICMqF5c66ciHkRLl2-NBJhcn6kpmiP1TiqSrUKwU4wMrkXq977sRADGaABqJ1a1Drj8V0Bta9o6zVTsE79PI74hyMZNseGmgoMkW8gl1rgUwqGmZmrZQpZYDdbvPhsHY1YKpzZMjl0lIBjuxsgw2JCaxa1oC-Bz6g2RoLUu9QMlobCEdHGD2ou0TveHrL3S8F233bVX31NEzABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRokSSWr3rd-bAu3aYJpdqRjQ%26sig%3DAOD64_2ENeXz3NPqkHRFU83lvO8MZU5dFA%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CEcNQGtW8T9tAUrjWLhSPAELBQx4LpUQI8mNyL-2G1GDatqca4ZFkFqlscmO48PTWTPGtzLs8J3TDWa_3NML0pOFZYgshLUU97FC8s_exYcU138E0Q65H3tH9KMJomIh61J9ccxUiTsylTs-j6WIbnE2M63A%26cry%3D1%26dbm_d%3DAKAmf-BF6c2oQisA2WcJfUdXXWNVeYQQ8xEbMObmqvPHEki4v5_DHTVH5WVoQePQ-DuARsszUqz6ueHC9Tvr6iClX2wl6ytKYo8zurAcoFW19bgqNfX0F0Kf7cCuHSGV-_qnHNbmFNwF_f1JYtn85d0jsVuCrwDQmhIHLE3hdjAXJ1-P-Xdtf79OG7X2XKrfpyU5260BpnyLW7IfXlPaTU8WIp9B8rbM2jwRLhwbE3zOIwPDEaJNOuol3JVylhduUiSjvTg0TNMXmtG9Y42hmH8li2Wv42eSziyzXBr1HB_U8tvdIfBZM8NHxktYJnNJP1lKyiH_gXIM4YLtFv1yzzTSk0uMaikLJkiQIppGCdoXtnPljAq1lCMwh2MqU3k1IdQhmxxZ--OG4aMQWYW5SaH1GyMLOlCqYMPEzpgGU1JwL6t8AeZBmxiXlrKF2QdiWmG_4KBRG3_w7rUu5lHSYwE6w3oHlkazKQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=2108147231990&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYyeeX_SbYc3lN8OF7gOrybGgCbXN-YNXzN65q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPsBT9CtMqyZlbhWV4KwSh68P6ploZ6R8Xc6sTrB43DWwQHQJjUzjWFVpMelPoPXUmNvaIQqjaQ18oFfe7uORFivkYmz5zeBo6xDw36s8KrX3XhJugwXJkMsBM2G0vTJ6RwY3LuICMqF5c66ciHkRLl2-NBJhcn6kpmiP1TiqSrUKwU4wMrkXq977sRADGaABqJ1a1Drj8V0Bta9o6zVTsE79PI74hyMZNseGmgoMkW8gl1rgUwqGmZmrZQpZYDdbvPhsHY1YKpzZMjl0lIBjuxsgw2JCaxa1oC-Bz6g2RoLUu9QMlobCEdHGD2ou0TveHrL3S8F233bVX31NEzABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRokSSWr3rd-bAu3aYJpdqRjQ%26sig%3DAOD64_2ENeXz3NPqkHRFU83lvO8MZU5dFA%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CEcNQGtW8T9tAUrjWLhSPAELBQx4LpUQI8mNyL-2G1GDatqca4ZFkFqlscmO48PTWTPGtzLs8J3TDWa_3NML0pOFZYgshLUU97FC8s_exYcU138E0Q65H3tH9KMJomIh61J9ccxUiTsylTs-j6WIbnE2M63A%26cry%3D1%26dbm_d%3DAKAmf-BF6c2oQisA2WcJfUdXXWNVeYQQ8xEbMObmqvPHEki4v5_DHTVH5WVoQePQ-DuARsszUqz6ueHC9Tvr6iClX2wl6ytKYo8zurAcoFW19bgqNfX0F0Kf7cCuHSGV-_qnHNbmFNwF_f1JYtn85d0jsVuCrwDQmhIHLE3hdjAXJ1-P-Xdtf79OG7X2XKrfpyU5260BpnyLW7IfXlPaTU8WIp9B8rbM2jwRLhwbE3zOIwPDEaJNOuol3JVylhduUiSjvTg0TNMXmtG9Y42hmH8li2Wv42eSziyzXBr1HB_U8tvdIfBZM8NHxktYJnNJP1lKyiH_gXIM4YLtFv1yzzTSk0uMaikLJkiQIppGCdoXtnPljAq1lCMwh2MqU3k1IdQhmxxZ--OG4aMQWYW5SaH1GyMLOlCqYMPEzpgGU1JwL6t8AeZBmxiXlrKF2QdiWmG_4KBRG3_w7rUu5lHSYwE6w3oHlkazKQ%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: f5c70aa78032f283d68c609fed6495c6b44c5629ec8fe4fcdd67981f52b96376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 17138600208629500710616011786001
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 894
Expires: Mon, 22 Nov 2021 19:49:53 +0100

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E313 0
104 B 88ms
24ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKjrrBuHILEh5-_VQYUkPjI&google_cver=1&google_push=AYg5qPI6W8WEAEp1fZ1I9yVFq8s22YzALX9bc1I259jL1ECpMVBQSLgX0oOPCDAHwxzTMPIm8-sSTVMSzOiKzpcNfT0QZHrNR4EM4g
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E313
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGgKSqQXwQmL0tWiC2T31gk&google_cver=1&google_push=AYg5qPJPyI8ojpbtmOmBl9c1Vlv-R0GeV3j-MYdhIfY3H6_ToFV6Ep3--0Bz1hPKJ59fWsa5RkyR2mOIOKai_JOI6gitr5d...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPyI8ojpbtmOmBl9c1Vlv-R0GeV3j-MYdhIfY3H6_ToFV6Ep3--0Bz1hPKJ59fWsa5RkyR2mOIOKai_JOI6gitr5dPjRBq&google_hm=NjA2MjQwOTU5MTMwNDIwND...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPyI8ojpbtmOmBl9c1Vlv-R0GeV3j-MYdhIfY3H6_ToFV6Ep3--0Bz1hPKJ59fWsa5RkyR2mOIOKai_JOI6gitr5dPjRBq&google_hm=NjA2MjQwOTU5MTMwNDIwNDYzMQ%3D%3D

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 19:49:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPyI8ojpbtmOmBl9c1Vlv-R0GeV3j-MYdhIfY3H6_ToFV6Ep3--0Bz1hPKJ59fWsa5RkyR2mOIOKai_JOI6gitr5dPjRBq&google_hm=NjA2MjQwOTU5MTMwNDIwNDYzMQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E313
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL0cA4GVxGN4FiXH3Ucrxsk&google_cver=1&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwynwZZ-...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL0cA4GVxGN4FiXH3Ucrxsk&google_cver=1&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwynwZ...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwynwZZ-xRY77SCEMqnSErXQmLV1bA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPLv8f0oalYLZqVlsoR1TWimqO1Nor8Imx4r9HsyHnbJz4G6MdiqdKAJpN1qjFObwbv3bwynwZZ-xRY77SCEMqnSErXQmLV1bA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E313
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH6UsaxcHs82wGo_VHfLFXI&google_cver=1&google_push=AYg5qPLB4zWCe1NwZosyeOuilafFRN1R8S6iTDIiL0Nz9RnEdRTbLYsiAUGAyRdm9LQdBneE8kB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCMzJDUlYtMU4tMlIwQw==&google_push=AYg5qPLB4zWCe1NwZosyeOuilafFRN1R8S6iTDIiL0Nz9RnEdRTbLYsiAUGAyRdm9LQdBneE8kBw_5fGWhsdqFIxI3wjB0JhIvcXfg

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCMzJDUlYtMU4tMlIwQw==&google_push=AYg5qPLB4zWCe1NwZosyeOuilafFRN1R8S6iTDIiL0Nz9RnEdRTbLYsiAUGAyRdm9LQdBneE8kBw_5fGWhsdqFIxI3wjB0JhIvcXfg

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCMzJDUlYtMU4tMlIwQw==&google_push=AYg5qPLB4zWCe1NwZosyeOuilafFRN1R8S6iTDIiL0Nz9RnEdRTbLYsiAUGAyRdm9LQdBneE8kBw_5fGWhsdqFIxI3wjB0JhIvcXfg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E313
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIr1gMR2d-oMtGxrsGsWZ3w&google_cver=1&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooN...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIr1gMR2d-oMtGxrsGsWZ3w&google_cver=1&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooN...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooNgf9SwDFLquo&google_hm=7d3532ad3922978cb6f34df3

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooNgf9SwDFLquo&google_hm=7d3532ad3922978cb6f34df3

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKw_x9Jiqgm0zmnpnqQoaABbl4kWViRLQlNXltQO80TOUbhRFq10XVqs7lr8sfOL6O6ax72KW8ahsJ68jooNgf9SwDFLquo&google_hm=7d3532ad3922978cb6f34df3
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E313
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMxRzyZcg19Ys9-Hn0jnHk0&google_cver=1&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGC...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMxRzyZcg19Ys9-Hn0jnHk0&google_cver=1&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGC...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEMxRzyZcg19Ys9-Hn0jnHk0&google_cver=1&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2Lnuk...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1YzZjNjgxYS00YmNkLTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGChXhZMqjMmS...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1YzZjNjgxYS00YmNkLTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGChXhZMqjMmSwfMxupEmEnnQFafRkrwB6U5zm1a57lsBdKew

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1YzZjNjgxYS00YmNkLTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPK4w9GTL4fzrF4Mhipm2jNx2fmM67OjE-SKDielaN4Gy2LnukGChXhZMqjMmSwfMxupEmEnnQFafRkrwB6U5zm1a57lsBdKew
date: Mon, 22 Nov 2021 19:49:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame E313 43 B
71 B 72ms
70ms Image
image/gif 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEG0YAaA86lJGKmzt_mfPyXU&google_cver=1&google_push=AYg5qPL-9BZUBOJZd5hAfiH0uoeno19RN_kT_qbfcIKy2po180VcA3ZN_tbdCuH-9e3G65ahzddQgZemNSqs8dJ-Ad4Ho7t-Lb4q_g

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 19:49:53 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E313 0
12 B 32ms
30ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWKRUeVlvVmyH8rw7-99SS1dcpI1uz42y3JYMWtTQhFlfptYl03SCGF_3MVMgcIZpJqqRs3Y4

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3B8D
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBOd1D6iNuHVFDq-xkiDR5k&google_cver=1&google_push=AYg5qPLfdk25ERRiywZ-_KnT7bDyzX3bDsUyXtC2HYCgA20CWMq8bEtiiE0EvZjlXVIq2ezlSA4-NI3FnnTIn0tehhUHGX-vF8wW
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4MTI3NDMyNjE0NjcwNjcxOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1

43 B
407 B

49ms
22ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B8D
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJHZU9vJHSJvvMXsl8fxDyr0I1pE1bit4i684R...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp2MFlRQUFCVS1BYmtyLQ&google_push=AYg5qPJHZU9vJHSJvvMXsl8fxDyr0I1pE1bit4i684R4Kso0Ed0UE57UtzGo3XCZXW8AnbpvaPPh3dQWGUQKJ7HovIe513HK7hjl

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp2MFlRQUFCVS1BYmtyLQ&google_push=AYg5qPJHZU9vJHSJvvMXsl8fxDyr0I1pE1bit4i684R4Kso0Ed0UE57UtzGo3XCZXW8AnbpvaPPh3dQWGUQKJ7HovIe513HK7hjl

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVp2MFlRQUFCVS1BYmtyLQ&google_push=AYg5qPJHZU9vJHSJvvMXsl8fxDyr0I1pE1bit4i684R4Kso0Ed0UE57UtzGo3XCZXW8AnbpvaPPh3dQWGUQKJ7HovIe513HK7hjl
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3B8D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpT...

43 B
413 B

193ms
192ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b24af01aad559bf-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 59
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b24af000cd959bf-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLTFEZ5P7XTDWLIJd_Bki6cqF_9teJqlU9PdJQY8-whr71SA_1pqsPnaMYEKvEvOWSP0lQzBv1EibzbBybzk-o2QM5IdpTF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B8D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOAobKCoRdMrDQR9IUJiKZI&google_push=AYg5qPJeYDUAJIPu-2x5Vv-AjVJp38_IXIzMDS_elO1_pXcP7aLYBn1Zl6...

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOAobKCoRdMrDQR9IUJiKZI&google_push=AYg5qPJeYDUAJIPu-2x5Vv-AjVJp38_IXIzMDS_elO1_pXcP7aLYBn1Zl6dURqgf7uup5qenp0F5NTfSHMuST2PTorjDkaSPDy1h

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1637610593.299159,VS0,VE80
x-served-by: cache-cdg20731-CDG
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOAobKCoRdMrDQR9IUJiKZI&google_push=AYg5qPJeYDUAJIPu-2x5Vv-AjVJp38_IXIzMDS_elO1_pXcP7aLYBn1Zl6dURqgf7uup5qenp0F5NTfSHMuST2PTorjDkaSPDy1h
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B8D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKbXoEkgtfeU3hvL0JXEcjQ&google_cver=1&google_push=AYg5qPILG1ZpeQ6SXeI4J5Y1cXoLYHsZbplKKENPiWU0wgtER-MrdbMasdxJyOp4s9FvAvhoy8PuuknFoYYB-hY12J1zX9VahXg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B7CB414A934473899657D93AD72D041&google_push=AYg5qPILG1ZpeQ6SXeI4J5Y1cXoLYHsZbplKKENPiWU0wgtER-MrdbMasdxJyOp4s9FvAvhoy8PuuknFoYYB-hY...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B7CB414A934473899657D93AD72D041&google_push=AYg5qPILG1ZpeQ6SXeI4J5Y1cXoLYHsZbplKKENPiWU0wgtER-MrdbMasdxJyOp4s9FvAvhoy8PuuknFoYYB-hY12J1zX9VahXg

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B7CB414A934473899657D93AD72D041&google_push=AYg5qPILG1ZpeQ6SXeI4J5Y1cXoLYHsZbplKKENPiWU0wgtER-MrdbMasdxJyOp4s9FvAvhoy8PuuknFoYYB-hY12J1zX9VahXg
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 21 Nov 2021 19:49:53 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3B8D 0
141 B 39ms
15ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJMCF14hs9a6BbO-qLwe0vg&google_cver=1&google_push=AYg5qPKr699j2ATIp7f9X3aUg-1Mg0UJheUZ2_eocv_sn7T1wdMTIGqWXJrMk3h3gX3KbNW4dMC_vDneVpa6TUP8ugMjMREiVlCh
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
via: 1.1 google
alt-svc: clear

GET

pixel
cm.g.doubleclick.net/ Frame 3B8D
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESENr72ABQXU95URwzEHrVKiY&google_cver=1&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhn...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B8D 0
12 B 15ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRPY_3YzJLj-Mqymn2mtBnnczuxzdK3J0uvEY-x_LZ1ASMYb8X7QVp3sSAWucC92mbYQYp

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 2709ffc24586f09520807af65b6aa12f.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 3 KB
963 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/2709ffc24586f09520807af65b6aa12f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a46978057caecf7869ff05b174b9499144990c93aba89dea5c5e38b3fe0b2c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:30:13 GMT

GET
H3 200 28af368d3d47fc5c3ccc87378a16993f.jpg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 12 KB
12 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/28af368d3d47fc5c3ccc87378a16993f.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fecd11084ef963f52a2a6a0fc126fe4124b732a846e0bf2c239363f92a98538d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:22:41 GMT
x-content-type-options: nosniff
age: 462432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12017
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:22:41 GMT

GET
H3 200 2216360da012d4ab1cf2525d698fa9ae.png
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 8 KB
8 KB 11ms
10ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/2216360da012d4ab1cf2525d698fa9ae.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

890cbff0e67e79106d6c4280209fe4e796fd83dbd239a01c95bd199777f7e98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:36:36 GMT
x-content-type-options: nosniff
age: 483197
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7896
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:36:36 GMT

GET
H3 200 119a1396e1d4a1064af0f1af2a1a9dc5.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 4 KB
1 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/119a1396e1d4a1064af0f1af2a1a9dc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb72142a17a3ab2aba7703aa0c296187a62d5c38ead165c5106afed3afa8961b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 10:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1397
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Nov 2022 10:07:17 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 897F 35 B
464 B 54ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAL0OBx3a4c9Ak9p_H2xSQM&google_cver=1&google_push=AYg5qPIq7-6__K5fAyb5BBYWr9wzNJ09HwhNLRQcPfEcaVznVt3joZnMpU8jDuUJpv4kRwh6vUOYa3v_JvOLaJkevEAztm6LEa9nrw

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 897F 0
103 B 33ms
25ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKjrrBuHILEh5-_VQYUkPjI&google_cver=1&google_push=AYg5qPKMnScLx0TytcFDiWfiyJs9etAIeTNswRkAF29tjTF1QYo1yt6O1kIV9W4ymXwxQd7T_no6vBdTegQdl3p5GK7VzG4bjIxHXA
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 897F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKbXoEkgtfeU3hvL0JXEcjQ&google_cver=1&google_push=AYg5qPKgHCJW6Y6AmOyPgkjgGaEouQWN1jR9NhzVmCxECQWrXCeicNo7x4l53u7dU_DWd0DXiVO7r2nHdq3Dg6M900QAOOPlLcT2HQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1B9DFA235640482C98A707F76EC69423&google_push=AYg5qPKgHCJW6Y6AmOyPgkjgGaEouQWN1jR9NhzVmCxECQWrXCeicNo7x4l53u7dU_DWd0DXiVO7r2nHdq3Dg6M...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1B9DFA235640482C98A707F76EC69423&google_push=AYg5qPKgHCJW6Y6AmOyPgkjgGaEouQWN1jR9NhzVmCxECQWrXCeicNo7x4l53u7dU_DWd0DXiVO7r2nHdq3Dg6M900QAOOPlLcT2HQ

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1B9DFA235640482C98A707F76EC69423&google_push=AYg5qPKgHCJW6Y6AmOyPgkjgGaEouQWN1jR9NhzVmCxECQWrXCeicNo7x4l53u7dU_DWd0DXiVO7r2nHdq3Dg6M900QAOOPlLcT2HQ
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 21 Nov 2021 19:49:53 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 897F 0
191 B 75ms
24ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFiwn1yG-S2HCiRMVKPk9JY&google_cver=1&google_push=AYg5qPKYIma3A2JHA87qEVonUthvovceCJeuYx9mFDJSlAHK57LpULyxHT6z7LCqAuhrDqA7wHF4h0X8cdMC1qmJB7FfmTRRzFdkug
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 897F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGgKSqQXwQmL0tWiC2T31gk&google_cver=1&google_push=AYg5qPK0VhAMqNLE-9QHlPLRuTMaNX9LLXcQ8lEsFJyhI6iWi1aNrGA0kvA31Aa1MkSmMezxAAIH5BjENV6lD5FjUwVALr-...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0VhAMqNLE-9QHlPLRuTMaNX9LLXcQ8lEsFJyhI6iWi1aNrGA0kvA31Aa1MkSmMezxAAIH5BjENV6lD5FjUwVALr-2PYUA1g&google_hm=NzM3NjI1ODc3MDU0OTk5...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0VhAMqNLE-9QHlPLRuTMaNX9LLXcQ8lEsFJyhI6iWi1aNrGA0kvA31Aa1MkSmMezxAAIH5BjENV6lD5FjUwVALr-2PYUA1g&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 19:49:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0VhAMqNLE-9QHlPLRuTMaNX9LLXcQ8lEsFJyhI6iWi1aNrGA0kvA31Aa1MkSmMezxAAIH5BjENV6lD5FjUwVALr-2PYUA1g&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 897F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
https://sync.targeting.unrulymedia.com/csync/RX-06f335ca-9643-4c6b-b7f9-0c151262584c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLfpzg80vcEMzbwNdZIz...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfpzg80vcEMzbwNdZIz6DuLei9N9y0L4MnEtJdnK67NCzQkxDSQYvaWBVvQOFGRjSyRqfKlRkZTuVOP50sxWWdXSd_EUM6JA&google_hm=AwbzNcqWQ0xrt_kMFRJiWEw

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfpzg80vcEMzbwNdZIz6DuLei9N9y0L4MnEtJdnK67NCzQkxDSQYvaWBVvQOFGRjSyRqfKlRkZTuVOP50sxWWdXSd_EUM6JA&google_hm=AwbzNcqWQ0xrt_kMFRJiWEw

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLfpzg80vcEMzbwNdZIz6DuLei9N9y0L4MnEtJdnK67NCzQkxDSQYvaWBVvQOFGRjSyRqfKlRkZTuVOP50sxWWdXSd_EUM6JA&google_hm=AwbzNcqWQ0xrt_kMFRJiWEw
date: Mon, 22 Nov 2021 19:49:53 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX06f335ca96434c6bb7f90c151262584c003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 897F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMv5f_P_SQaGMVCXFfZLiXY&google_cver=1&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7g7fbMVdjugE_sn4uK...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMv5f_P_SQaGMVCXFfZLiXY&google_cver=1&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7g7fbMVdjugE_sn4uK...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hekJzV1ZoRTJ1RjZuVHF4VnZDdnNnVzlzMDB4U09HWn5B&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hekJzV1ZoRTJ1RjZuVHF4VnZDdnNnVzlzMDB4U09HWn5B&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7g7fbMVdjugE_sn4uKNDd0OZotfZBx8eVGoy2Sxa35ot4jE

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hekJzV1ZoRTJ1RjZuVHF4VnZDdnNnVzlzMDB4U09HWn5B&google_push=AYg5qPIES1UqFf9i7DX4WGPEOwgYs75LL8Axj-BYg_hNYsSYMgwBAK4Z7g7fbMVdjugE_sn4uKNDd0OZotfZBx8eVGoy2Sxa35ot4jE
date: Mon, 22 Nov 2021 19:49:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 897F 0
12 B 31ms
30ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Il9h2-KP41o1pjFowcW8-WkZ0mzha9lHeQnaSLw8nLzwgqTdFHAfzFKKa5QVp9xrV4hoXxNg

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOUYWcTLeBcDt_2H3xSTLw0&google_cver=1&google_push=AYg5qPLhBwqefNV-r6pv1LBM5B7rHAtceVzU0nzREvXVFX6OQldbBUsxHc50N2lF_vHFRWXetSjKIV_rM3WyXS2o...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhBwqefNV-r6pv1LBM5B7rHAtceVzU0nzREvXVFX6OQldbBUsxHc50N2lF_vHFRWXetSjKIV_rM3WyXS2oZ07_i5tvldkdZQ

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhBwqefNV-r6pv1LBM5B7rHAtceVzU0nzREvXVFX6OQldbBUsxHc50N2lF_vHFRWXetSjKIV_rM3WyXS2oZ07_i5tvldkdZQ

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhBwqefNV-r6pv1LBM5B7rHAtceVzU0nzREvXVFX6OQldbBUsxHc50N2lF_vHFRWXetSjKIV_rM3WyXS2oZ07_i5tvldkdZQ
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 22 Nov 2021 19:49:52 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AFD2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBa...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIy...

43 B
417 B

808ms
808ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b24af01ebb759bf-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 499
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b24af003d5b59bf-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGvbIi-K7Y8w-G6a-kNExHo&google_cver=1&google_push=AYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLiGzvsP81A0T0DQ56DC2wR7_wzMALXeN4nbcvh7jGBWaa3e5nI5D-zQx-5eqM2JwadoUIwyhL5xr15i99En4yRPWsryIyBaQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD2
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEt4T1YjbA6gB620kk5sSaw&google_cver=1&google_push=AYg5qPIReA0NfwNUhMgrsEK65dQVSSSyM82fdMYbJ9lnsHzDTstnzuZb0hOWePUtYhGQImjtMTzH7YmVJBG...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIReA0NfwNUhMgrsEK65dQVSSSyM82fdMYbJ9lnsHzDTstnzuZb0hOWePUtYhGQImjtMTzH7YmVJBGZbHi8VbYLSaCO3Gyv2w&google_hm=lNNsOsDHT9KgmgJYzs...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIReA0NfwNUhMgrsEK65dQVSSSyM82fdMYbJ9lnsHzDTstnzuZb0hOWePUtYhGQImjtMTzH7YmVJBGZbHi8VbYLSaCO3Gyv2w&google_hm=lNNsOsDHT9KgmgJYzs7W6go

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIReA0NfwNUhMgrsEK65dQVSSSyM82fdMYbJ9lnsHzDTstnzuZb0hOWePUtYhGQImjtMTzH7YmVJBGZbHi8VbYLSaCO3Gyv2w&google_hm=lNNsOsDHT9KgmgJYzs7W6go
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL0cA4GVxGN4FiXH3Ucrxsk&google_cver=1&google_push=AYg5qPISHEXASYJcnqNag1_TEzU_Th6HUKZPO3aoNDSGEXrz-992baFnpmt-u2AKj2UdeZvGNdF5M80x...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPISHEXASYJcnqNag1_TEzU_Th6HUKZPO3aoNDSGEXrz-992baFnpmt-u2AKj2UdeZvGNdF5M8...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPISHEXASYJcnqNag1_TEzU_Th6HUKZPO3aoNDSGEXrz-992baFnpmt-u2AKj2UdeZvGNdF5M80xAZWG9L_ZPFuQMpnYlN_a

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPISHEXASYJcnqNag1_TEzU_Th6HUKZPO3aoNDSGEXrz-992baFnpmt-u2AKj2UdeZvGNdF5M80xAZWG9L_ZPFuQMpnYlN_a
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD2
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAkwh8Pz1RmFAuJIu9OBgLU&google_cver=1&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwzA
https://rtb.openx.net/sync/dds?google_gid=CAESEAkwh8Pz1RmFAuJIu9OBgLU&google_cver=1&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwz...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwzA&google_hm=G6G7DvQ_yKYKWrGRO6fwFA==

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwzA&google_hm=G6G7DvQ_yKYKWrGRO6fwFA==

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIc9uvi4Y-Z3nN4VY-WCD69osXh5DeXe_bsl9V-5tFjqctFNBq3pEzMM1z1ecVh9KGUZESut8bvqoXoAHvNHSwnx0pfZsUwzA&google_hm=G6G7DvQ_yKYKWrGRO6fwFA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: ece8apra2rft7pea95k385b1j3cbvbvt

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD2
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDHFsiQLUuAouObPdfg3Vnc&google_cver=1&google_push=AYg5qPIbleX7LJrNeAcKv2jhVMjUaXRUpfFWbLEuB3nWf9ms0q_AITAX68-zIBx3G4WZEDszUVBFHTT_0mwJpj9T...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIbleX7LJrNeAcKv2jhVMjUaXRUpfFWbLEuB3nWf9ms0q_AITAX68-zIBx3G4WZEDszUVBFHTT_0mwJpj9T8sthWx2C3VpMCA

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIbleX7LJrNeAcKv2jhVMjUaXRUpfFWbLEuB3nWf9ms0q_AITAX68-zIBx3G4WZEDszUVBFHTT_0mwJpj9T8sthWx2C3VpMCA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 19:49:53 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIbleX7LJrNeAcKv2jhVMjUaXRUpfFWbLEuB3nWf9ms0q_AITAX68-zIBx3G4WZEDszUVBFHTT_0mwJpj9T8sthWx2C3VpMCA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: p2WePdzysm5WC0AbXZ-m7DeiyuegEc-2tRmit9cvK8QMNt8UgPsrGA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AFD2
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE7PK5uv_iwA2xDzuSHaMd8&google_cver=1&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2OpibzZp7RfpsvXGZnVahcLKTvP0cyTByuoB4kgg...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2OpibzZp7RfpsvXGZnVahcLKTvP0cyTByuoB4kgg7WUw&go...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2Opi...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2OpibzZp7RfpsvXGZnVahcLKTvP0cyTByuoB4kgg7WUw

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLIxtDEMLHEATVXnWpdkgQOO2Kq6HH7AILLmvlg9Tp0tNBY6HsRdM2OpibzZp7RfpsvXGZnVahcLKTvP0cyTByuoB4kgg7WUw
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AFD2 0
12 B 31ms
30ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9FCPzOCHgM-YlG6G6VP81QNLD9FCq4_fErTQVXRtxM10NRUS1jpPLe9kpdynJ9hkW0__j

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 92c7870423fba294c754addb30bf6331.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 17 KB
17 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/92c7870423fba294c754addb30bf6331.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d6ff6f25c5e9eaa7b26b4582c63267059c3120057c4223152789e4560337f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
x-content-type-options: nosniff
age: 306204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17224
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 34336c55422f9c3fbb71f40374c2174d.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 4 KB
2 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/34336c55422f9c3fbb71f40374c2174d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169da993c62a4c4aecd80b6899f294d1739ea12cc1cf508f996187400f749dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1575
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:53:53 GMT

GET
H3 200 92c7870423fba294c754addb30bf6331.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 17 KB
17 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/92c7870423fba294c754addb30bf6331.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d6ff6f25c5e9eaa7b26b4582c63267059c3120057c4223152789e4560337f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
x-content-type-options: nosniff
age: 306204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17224
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 34336c55422f9c3fbb71f40374c2174d.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 4 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/34336c55422f9c3fbb71f40374c2174d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169da993c62a4c4aecd80b6899f294d1739ea12cc1cf508f996187400f749dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1575
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:53:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1A0F 24 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQ9u4BDa5vuh53IXbXQLhy7ojKhatCRg26uhXSyWxiY0rsR444HnGT3uSJ9vr9hU2QDd2nPE0OTU4r94mnms3k-c5G0WHasCubBaR6fEXVVz8_5gPIOaBHR9CkjhJF2mLYVEdWvITF_o0vjqyflehgTJZIrw&cry=1&dbm_d=AKAmf-D1r8Ouw0x5j18zHfehfQxvQPDFXu-fAY_POLHkghmKGlND65S2f0650r4Fkpc6E8STK6jdLkc-tMv2LP71JVuzXLDzq68DEw-SVCzg15PPz8A7SbhP4nss7WTX6uVxQrq2lqhvunmU1PPs7izHrsuo8LqqnIHSejQBGhDfO1JAAGhvcPoYULvYOJXlL1DfMsEQlm6hcbGxwXStdGXeVX-viSyFBkY3dAOsP20uhUqcbAkcLZtgL61D5Do5emS3nEC3r68Y8lRXVUCoCpp5-OMWEs2Q68ny31fxP8im7g52R1cNBLFBwkdABcAzD1H6I-S_nn8Lu7wYjeoToc1vpt28Len9AROv43s_Tx_IruXMSO9h5UY-dyqcrtFQfgz5tm78TAzxxGkPAZAIvG78K2cryBRZPBpaxxnDGBe0A5YdpZwWrOs8flbI8d-GIbscUVTdYQKsZv3U1ZZQ0tH5EmWydi-du4Wj8_iK_FCwd8jnv1EzNejydcOiE6v2w1TPrgJkIecve0wF0x7teea6s4n-1O2xA5RwCHHMRpOS6dsqEYz4LJhQ2gj9ry4LTWETucURXLpXzA-Fk5s26TGNErQGZDqXf2YPDTTe-P903mDRyBW9YLyRUFzFWZIaH2pAW0mdmRbU65--qahaj8bXA5hcKApMXzIKtO0Utr1eL8IcRlNznwojKuFkvMWbowOoQ0cJwcebFl8e4b9priZjG3koWcUetr3u0GvhDb0FE2HlmsN5l8gDVN4f-MP3TXuDHn-gqxy7iwHBdzmiHb6sRg6QwYSI50lj1OKbi1H_dygRn4dxUoZveO8jUF9T7f-WyvLSSgRsoFWCn2rxzZ5aWX5io0uejl1wqh1bxiO6L9x_YFmCR1GVMRKLy0orNgpjZ8zT-i3wjE3_Od1j7So4KD0hhoQiutn3BzSclsfbJufMN_Gw76b92Y8-7NK018T4ZQPGmIzK6GMkIrj0WOJnRCUrUtJs8AAPuWs5vYZXhbsQ98FGN25rtwWleC4uUpigLy3OFU3IEI2obR53DyGYlbUy5a7NFAJiR33LkP3mr4HDYZuVFmMCMZGvoPRiOrvxZjMBJNmCC71EZ1ZhpNJu97_qBlCiOG5VByCfUl9tm_np1GbmGYZiiLS4XkE16wCBjvI9onYCfQfdY-ke-AKV3Ax7EtodEzydWawlGwXCTyVMxz6GWgPceBehu9On2jLCYb7vfZpXBx522K-j2r0kg1ALdGgg2X-t2DxnBVYrdOjuwLGrn4BPsLb2AYuYcYTCbi1fZthCYNWBClb01DyQBeQz1tRrbow6HhyaUWjMenXIvY-PPpkqYi5wpPO2PgrUAM_RN9Y3TTAdxMKdEx1C97JowNzd-Ds2Ab3Ea9IqtY4O8LGn0mVqRlAD8bdpJuOyvrJ3wGZWEwSbK4O-HYObN50pC-ElxMhJ_kNlb9cbkxSZskMTCLCoW33zOhO0gK3rUyoy6r77nOMcW69zqia78rAPuEtEGEe9oi9q-6AT-WhP-WuEUgGdEwLxeSTDOhk4ilD3Mx3cOe9ukyAfNxUy5iakl_HfgY1GrOExI2mq944skoTpbEs4opcP7lHHx6rZ0jR7nYzgAj4yArB2rdfxjlD5TCoNySTAg1AXgxVd6Vto-Y15eL7ThHCMKq3qho0jdxYCe6JJZVDEbM-rqFkjcUvBTS3mi3qgbqMSxN_kPvUlWqeAXhcSndbWZx7U4WQGxJOauw3PVjoQQjfnhuTqtZIrQ1VDLUBEf2_vNzfW7gWt8fulnZYAxeoCTv1nRxaZYvUJB0l9Lq928zRfmNxS57a1FoJ0lkjEiHl_TFpSrT-GL_YpVFE5yn7QnBL3W-SgVds-1DIU2sM826Io8xkLV6IFX59SY0sMDEy3rr6f5K58-wr1q41D50j8pC1jxdXT8l9CFVWl1GcILIM6IY8eP9w8me8zr7ayanyskrNIqja31d_xNAMjRKV35ubh58xu3tDNpJbkp_ZQKAnbAxYPj7vIdc1Y7ENnq1scWBXbaY7JDytkox__vLmTGQzdEQHdEebnlH2A91q2x6A7rM02eSmyptAvpzGWuR3w1sR4jY2mX0oTlFLnJ-6G-IWmEXIl24XYeVeBWQY8MiF_fn7ydmE5GLESqdsy79R5DdmllqkQaYsnyXrKIYl5QkWzGrBQ-LjRC4DVj7TKesqk0LNvdCtXE3A4bRIfNaesvYgKUzu4hh5ISTpcxOrFv7c9Wwg8k_3CvxrHuBPZoMdBFwEowSzqyPgqGCMw89lR6nTqkVb4iBte5roKRnXorCdX9sik0LxiERU1dE4sXSczPHBQtKMx0w3L8XToV7aPvsBWv1xVMmCmlMk6tKxzuygK2SMQPvZ6FUbBzLiQfbQqRQIsKzreK3wkneGOmoxTmcQbYerD7OLiG6tZEdmfqmEViAzjjkcbeqj_ipZIH9hglCwiOi6kvNPW6bnJQqsAUrbSypNnxIMsnMSfcTWsD7tLwcGJwVdcMhG3wHDFx-w4oAzq6ok6BcYyYvYlSLpYylaCV34FQSB0rPZHO1PmEU2c5WymeCyomspFeDJZDSpKkHiBi6VUOsIMGHL8OBzsRFPRcGU5fZ4SxsGkeXUESfSOCdpLYJR9V0W_e0zdnGUL3WIlar-p2Ni6QIeY1dev8kXvksdFymyavIi5c-KNsUMHi64irIAcT0Z-JND44pbXqhZxwqrSSQuagKGySGpEwtc9ZfcWEOMxyU-qfGZgXN1N_nDfBzJyEgl1n4eW1oLrcALC3H5XYse_ZwrwNnSVYpZYomd1gnyFRvAQBHFPJS_DMXBqOMZlisiYQwBECzRqSro_xMLhsczq5O5Uiu4YYpzmthDu4f3Hm-e65OOFHQQgPBabO7midSigOEUi1CL18iepM9fCtCsO8v5pzZFoDJ9I-jBSlkc04xJtd6XMlICNs81OSYMGBd-iyjD1xW_iZNVk2uJxufo__7qfiRGorE-Gk_tfn2VJ_Fpcd5DtnTl_ryQV1Cl_DHmxBLen3I9obhC9mOnP1Ej9Co0aOLQOlFd57RX0D39NQhj0tjvVDTX_W3UumJGirIla-LqA_cEGVpoumnTOZoTqDwF44LJ_dgNZ6azOGKdySxLQWgZmGYvlLN2NYtRQFiYrKBUwRblREFXDX3WGzg5UgpPBt88N2Tkery8Y-rzn67zkpddiOrp5cpXRWwZ-VLmHmejSkmlU-xjMdWUworE89Kj0frh8b74P_2TJLviXAiA&cid=CAASEuRofMefjs_Xpyo5I3wNAhM8hg&rfl=1%2Chttps%253A%252F%252Fwww.controle.50emais.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Dec 2021 19:44:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1A0F 41 KB
15 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H3 200 92c7870423fba294c754addb30bf6331.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 17 KB
17 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/92c7870423fba294c754addb30bf6331.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d6ff6f25c5e9eaa7b26b4582c63267059c3120057c4223152789e4560337f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
x-content-type-options: nosniff
age: 306204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17224
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 34336c55422f9c3fbb71f40374c2174d.svg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 4 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/34336c55422f9c3fbb71f40374c2174d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8992165578446582788/aa16cb581d143e080f8d01373c078e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169da993c62a4c4aecd80b6899f294d1739ea12cc1cf508f996187400f749dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1575
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:53:53 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 8E30 1 KB
1 KB 9ms
7ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 07949ef8b06f5ba5d0a5ca4cc1fdabe426a5f4691cc32157cf6966183d8317f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
content-type: text/html; charset=utf-8
content-length: 496
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjc_c27ATAB&v=APEucNXLH27n_afp2VUc_6LbMWwcjC4UqruTdzrNmxTX4eFTC6ObGLrUhbZhfBTQ728tju0CGMTo8pomE5qpJZ9vX6V1K35IP_jVNGJILm0xnDTcisZ6n8IOF_I7NC28Poj01mg9FDwPjwP5NPHwweB_tY7CpfCZlFyt7Y-hx-1_2ppomg4Oe0I
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABF4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZv0YcrO2EkNM3gfnnqPiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1

43 B
894 B

48ms
48ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjc_c27ATAB&v=APEucNXLH27n_afp2VUc_6LbMWwcjC4UqruTdzrNmxTX4eFTC6ObGLrUhbZhfBTQ728tju0CGMTo8pomE5qpJZ9vX6V1K35IP_jVNGJILm0xnDTcisZ6n8IOF_I7NC28Poj01mg9FDwPjwP5NPHwweB_tY7CpfCZlFyt7Y-hx-1_2ppomg4Oe0I
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 19:49:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIGa3doVYOwn3Ty8kk_QCME&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ABF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjc_c27ATAB&v=APEucNXLH27n_afp2VUc_6LbMWwcjC4UqruTdzrNmxTX4eFTC6ObGLrUhbZhfBTQ728tju0CGMTo8pomE5qpJZ9vX6V1K35IP_jVNGJILm0xnDTcisZ6n8IOF_I7NC28Poj01mg9FDwPjwP5NPHwweB_tY7CpfCZlFyt7Y-hx-1_2ppomg4Oe0I

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 126f5a99-2281-4f0f-a811-a166d49895d4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL89rWY9IwfNc6KfM6eS9BY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABF4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6c878129-72e3-4416-b771-c8f9ae8fd90b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MzcwODk3NjY0MjgyODAyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame A574 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 08:29:26 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DE7 0
23 B 62ms
48ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhcSvl441JL4oDHpHmzWo13-RUC-NKNoPQ3_9JST6nDOhY2dBRigzurayOQr-RHMYjb46wSNKWokFEhHYUhN0s2BtMBOzA-UhZiKFyDcZZd3fk_ZEUs4wpehtdfxRRyITYSpI0UuOCaybS1nCBT86QYItwnUV5-VzGedZYaXEGo7Xcy9Mn-0RQJAMGNB2EKjR7sEBIFzxCMw4HtZwoy-rxiC23x5ct3xbB9HJYt_fWJn2Spe0ZrISyT2Xn-PgR0aOeK6k4XiVK4h4QHRhapjh-avUUdAm-H0uBvqSrILSH0jTtLpyhkfHlffIqOr94zFg2i1jUsg9r8kUHZaCszZr7T2UEiSF9MA7VQobhBde3EefePsFFkVEgOvvyve1vZ9pW8S-nEget3c0VRZBuG2RI9PYgE-ipdTp-buQS6-LGBEZdY8AGpzwuU0pQtmWh1Kk7qD2HOVtu4EoO2BTG8O_lKYub7-X3Bl6HoGmbkNCeDtW_TC9jgchZV-OReEsMWkRLVJo-MLy1f743X24jTUqkl6BngpGF61yB2bXgbI7pcKT_zQ6m4c4OOrY4YFhb8xjyfQkSCuYc8BpxqsSSgOgtcjqgcO4IS03vzeZV4_GqlU5JvZEJ6jRoQBh4oVKzpEaZ82cgNTt9ON_PBD83J2BhN6qLBw5x_rO34s7jA8QYkhO4gPJQKOGh14Cf7U1eckvvU69mHdv0H4qapQPSLkcXk6j1W2r9xiZBJq2VfgcNsLmMYtxNhukqvrCSYW5XV6pTVArHoydFhLy9zLSbTkO87xDeo_7YH4UReioTS-AvLbPYxwBuSocnSrmy4gmIPzwULCZiSZBj3M-C1WJLuVpPAWS2L8sStZ31cPJsllas4n7ssutZiZydGgywW9IxmO6tAjw1tu7Yhu5SUI9k1zX4bS4NyDVrl7lAEuaiy7G3CnRsALZ4z5JJcGdelLlU4WnivsULHAN22Lrxcvr6hElgeMJFHzlbaWHNpwnd_bfZQ4pKjQyzxp7nkIp1pLdLi_mbrH2PDZcKZmc2GXHArpS3jzzNdYJV4OO09izqzVec4P3_HKRVSiYRfB7-kcS8DlByLhhpGKTmJcm5mc3YwxYISLHobaQK_gahJ_Eco6bczS0v__PNnymZbbwd3Y2U7j6dofMKNDZpGcVlcfySTqH7MubjGRvXjT22RLWEZi4-Gb6EMqyTk-wu_W7CiRGDG2HST916hu0iVw&sai=AMfl-YS4Lz8_E_J5bmLiE5MjV4RrwLBsw2yYN5l5dbEPPJi-oaON1OFqRvk0sxtk_DaRtSxzFkFasqoXPxvkV-8X9Sg_EOUK4UTmuoMQGk-8myEXwO9zUW-cpT5rmH2WJJc7cer2T2Rfi8S4ttGAg2JX2hw4bLNAvAKurlwEwmBL-TafcpNJrZ1hkr8GfojIIn5aF-fDGHNiWkmI96EZV9o95XKyFxyTMOK_dFnw4XxDdynIH9HZhftjgqky8k3k0tUHm8iyG-WRoh2AQrvbQB7eat3-eWWqAcV_bqb54pDtJeBC&sig=Cg0ArKJSzIFy9kgNGx-lEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=587&vt=11&dtpt=469&dett=3&cstd=116&cisv=r20211111.86508&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AB5 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 11:03:30 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 77F8 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 08:29:26 GMT

GET
H3

200

activityi;dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931 Show response
5994599.fls.doubleclick.net/ Frame 1D4F
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931?

391 B
345 B

45ms
30ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931?

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

360236fcf25d900022c92a94b9877b1296e720af1ce541e6cfd0f958b453a064

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 19:49:53 GMT
expires: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 19:49:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame E105 4 KB
2 KB 38ms
13ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=17138600208629500710616011786001&a=4171ec3d
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d48e3b6c84&subid=&uid=6d836bec22a1f4ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYyeeX_SbYc3lN8OF7gOrybGgCbXN-YNXzN65q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPsBT9CtMqyZlbhWV4KwSh68P6ploZ6R8Xc6sTrB43DWwQHQJjUzjWFVpMelPoPXUmNvaIQqjaQ18oFfe7uORFivkYmz5zeBo6xDw36s8KrX3XhJugwXJkMsBM2G0vTJ6RwY3LuICMqF5c66ciHkRLl2-NBJhcn6kpmiP1TiqSrUKwU4wMrkXq977sRADGaABqJ1a1Drj8V0Bta9o6zVTsE79PI74hyMZNseGmgoMkW8gl1rgUwqGmZmrZQpZYDdbvPhsHY1YKpzZMjl0lIBjuxsgw2JCaxa1oC-Bz6g2RoLUu9QMlobCEdHGD2ou0TveHrL3S8F233bVX31NEzABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRokSSWr3rd-bAu3aYJpdqRjQ%26sig%3DAOD64_2ENeXz3NPqkHRFU83lvO8MZU5dFA%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CEcNQGtW8T9tAUrjWLhSPAELBQx4LpUQI8mNyL-2G1GDatqca4ZFkFqlscmO48PTWTPGtzLs8J3TDWa_3NML0pOFZYgshLUU97FC8s_exYcU138E0Q65H3tH9KMJomIh61J9ccxUiTsylTs-j6WIbnE2M63A%26cry%3D1%26dbm_d%3DAKAmf-BF6c2oQisA2WcJfUdXXWNVeYQQ8xEbMObmqvPHEki4v5_DHTVH5WVoQePQ-DuARsszUqz6ueHC9Tvr6iClX2wl6ytKYo8zurAcoFW19bgqNfX0F0Kf7cCuHSGV-_qnHNbmFNwF_f1JYtn85d0jsVuCrwDQmhIHLE3hdjAXJ1-P-Xdtf79OG7X2XKrfpyU5260BpnyLW7IfXlPaTU8WIp9B8rbM2jwRLhwbE3zOIwPDEaJNOuol3JVylhduUiSjvTg0TNMXmtG9Y42hmH8li2Wv42eSziyzXBr1HB_U8tvdIfBZM8NHxktYJnNJP1lKyiH_gXIM4YLtFv1yzzTSk0uMaikLJkiQIppGCdoXtnPljAq1lCMwh2MqU3k1IdQhmxxZ--OG4aMQWYW5SaH1GyMLOlCqYMPEzpgGU1JwL6t8AeZBmxiXlrKF2QdiWmG_4KBRG3_w7rUu5lHSYwE6w3oHlkazKQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=2108147231990&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 9311b7f2bd53a7d072fd1b1b7781767de8fdf1e8aeadcd667a6053c0245647aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 22 Nov 2021 19:49:53 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1530
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9B19 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 13:26:12 GMT
expires: Tue, 23 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23021
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2483 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39b8eeb9c8294d807905a4497eebf5cfb5788c2b17de18ec4f61fd396b360014

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FB62 0
23 B 47ms
47ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssN9UcFu1y2jPh84tSpvZJa8Xv7zAzqkqSqLzYLm0HXdsaMxPa6WXXONgpsXo86UVAYH5IBAze_rnjOHJGHeJNxeMlYUCr5KhKD0NZLYFb3M92c25RgFI0_UfgUzvlXwpNk46REDqFJAqeOgW5DllzfhxKLLiDla91z8LKq3s21QOfj8_xcB3VI9BLAJ9v2NKW5Qr-tdEqaHbtAPgrJ_aRna7w4td3i810JYAgQtAZs43mnAsm1IBvkpGbLB8Tx3n1EOhuS4NDcMQ-fOpmhvp8eGC23NARGHsoAc0t0scBLmx1DyZpv6W4i8nSSPs6U8n7Wj_Kb6hwvgXBy-nNwvDcUxG7xX8WRfpmfLFhZlbIMDxV1_hwuSOsr5oZYO2p4Y7pYe_IFdsjTsrseFpwsVejcO3yC5T-i6Uk5Dt_QxyGW7riLZcRlU98OJSL0K27DuAFB2jFlOcXo-L6iJeKbGGl-de2FR1mUdsWG74whN4tZ1dKm806qwsPx08Wl3NzFDzglbqUIfUi6bKrlECgnz_BbOdBb7vcgEOdLIC_00wdfAX9TqvP6kl5Zrs1CnZpI6jU2qHV1ewKsGE014PezqkxP5wEILM6KyaNgtL7WygjsbuvE1EfhjXHHFSdKTn1XXmSC3JkMUhupENBAujHQY0TJL-Vl_1Zqt20Icz8AY6Xn5SRMY65XVDK__ov9n3IWiGrxa6ghAD5hYCw1StBfGwzwL1fux98-9blkBPdz-izDg7euoDG_idbBRCVKaI1cc_-Iiudk7ctDMAhGpdcIO3ik1acC2_LqMGsdxpgBX92rKk_OL9SHlgbqXkoERtaH7cqpslZ4KheAecGGBcrQ96WIX6t6N7_82d6-OZRBUF_LkiuForc3I1VyAOvdglM72XCRg50WKXaRLlL4Nwngy4-p98yU6IBdb7ZGFEVDWNAPRilHz29amUSmNTsXp6euSUsfYDV_nG0SC86VK-BDW7O1ErLR0KxYgNDFj9oz38O16PAB0SbQvDVa8_oN-YNfexjwBEzNEHkNsiX9z378SMXHgd6gC1hu9J2ZPodYejXZGp3clVMtRWsLRiT3aASA-jzng2HvjSejjhQjZbmjFWJuJOWpiHMSbU0piajVBdNB2g83F9zVkNpgnNfc9zwFM6-o--3zw666_rAbZ77WOM-pxngZto8exe57d5DAQPQySlpIR1KQzF_QRZL0wBEkKjDZf_LqqA_Q58LfMNQ&sai=AMfl-YTgH-PUmV8GXE9IkQyj7vP-AfceIJ91IK-kZI4-mURBSbvkOViXZ6XQsrzoQT6q0Ig-ZScbz819k45joLvGjyVaPC_H4kM7f46YoPCoWb2vi2upsbnVNwxyojbwmui5sa8kCsvIR9So2Z21oo-HDdwVzSlRskXpRH4O-T4aB0k1qfv6Tp4fGiRszUjfq6WKFrsFfbdTUOxbkMEvS6K8d7h8Bpxeo4Bctnf7CoQfGADtf3ULDBtq_d8cQM8fsW3FpO3pxmt5INoEJvNHQ5G2yNE0DJ8FmnG4JRz9iiFyx1MP&sig=Cg0ArKJSzLEbhi-s1HaJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=605&vt=11&dtpt=494&dett=3&cstd=110&cisv=r20211111.92082&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B517 0
23 B 50ms
50ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2EGahI5xtFXuZtANZPQvukoAI0Q3DL8m2QQ7uEGTxnsu61N-Gs24VrQz4lJiMBMIxVCZ_wiXT6SVITTRQHwui2ycf9s1b9YUYyinI1gr3n-W9Qjtfo9RccAXm8O-qv4kt_j-9DXbiKQnYdEtIRBnZ81gGEUdjkBMMvaDd4R76ZSxjRVzUDlsRY2NUiS_HAUoPnr4quaadOfGJ4HGEO4yQv-pbv8TUWld0o5EMOvIetolysHt_FCDFWfFKAJYKYZS74N7iu9v-FNacndvX1B1d7SBEwoSNipl1CyIL6pd5jxWKn_c9LShZjQvIKwGrd5EfUsrmVkVYXsY_a507GxN8R3nN5JhpmCisajNrIaIxP8WFm6n--sa7LC1HtBIG61Zhn1FiinB1z3x1Nkakv2NdrhPBsHwcmdFnGVgdjBO1O9ccBASscznsnACY3u4A4Vj8i2FVPyVB5hrgOF35aRMYPyGveQLNoW3Z7APpS-KAFvV7SoWDy18yZQcXAL3dY1GYmiyee44LLCL-bXu3ho5pnz7L49iOhsrVPr4OFHeOKizgqhKTQ5L3mPMPxgjTXiBQ6ak_sijJvKY542ZwEGOOux41bdrNn-ShD2gZH5DEbhBNEbSwX-WsXpIDYyt7RFYRHYOtOeqntEBcMHS3T5tx4mubQ3TD541oW9e70rbZO4ZzsK3yWE57CnCp-qyVxZop8mkzkixuP0OuxnYMKdcQWthLlJZhnezY1_BPg2XfF7-e8dvbSfo33kgbG1YB90d_jl2nSPkfV9Tp8sZWH3XWYxFrdl1Cx7e7QpHLJ8-fmzM2m9PCNLsVUodHf1UH5F8T6T3PTwr-mgEeAVj5Famda6PdJtrZrFaH37g3n1qT2KKM750auqRfqKMcT0XVwTZx0iYdpNw1nACY1fxEQdylKGKqcT59JtQ_N0wXZV9rCBLrUMgEwbedRr4rWf0-UHUeiXUEKz9ZmviezoBps9wCvyg6ILHew20CWJxwrOgT2RjX82LLkuVBDxQEr_uD9AqHKF1F3MtnV5Vhsh-7WyicQd0uH449jVEmVq2D4D4J0V_ApYTCFg68LtAR-8ICu_YMCf-W9NUXrcg_W96Gsit59Z5vOxdRXQyQdNrmKyUeEEcJrkPj2dqNDRqI0jWBLPxygAHx92rpUN-eDqggBAY95cM82hWYJJuCgHFiJ6omSLExWSnoEvEkzoIQJY8KELQsNq-vgwih_A&sai=AMfl-YQq9ZUVJB6wJuUNwI9i6IqFCzDQmjrQooBrFU8Oy3lBU23b1GZCBR2uPDIK-qjffLDw_kdgoP25ytLcW-b-NtVKYrzsyCJK7ZPuv-b5Yp8G5xWA-V9cskUhf-SEOgRAAgYsmMCcEEUCa91dSRrPD5p9jS7mjGD4bEUHrJk-xnNGxrg5g0WgL0F0dBgu0g10H34Brrqo8jwg-41ewW8QqoSotRFS3rBVnuSs6agpDhvJ4UIwzaBVmGXDj3zLYD4k-MDuxLleX-h2UwRJ2IDsKxYdTz6RLBTqvhlEgzqJpqXG&sig=Cg0ArKJSzJQ3UkFvwMNCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=661&vt=11&dtpt=518&dett=3&cstd=141&cisv=r20211111.47255&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 913D 0
23 B 47ms
46ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLN7mBku2b-aLrLJd-KNrRpZiAf56bLpPT4IAxPaSAjTHIdACRIzcDbd4yDP5TxECtNGtn4uIGHUb3XzUrVkH6aQU21mJS23EGTszAHGs6b013q7ufKJym6lrRw72yaZFxVs4j4nvrk6KVO51b7luyCPfOF1_IRb3x1ubq5gE_CrwQS--hg8DR4sH-6K_vMIQVA0ry-m0bK7LHKdnX3WGUw_QEOs7z6pFngt5lDV1H-bZHMKLzE2kw9a-_1UMPttHiRGWKJgp5pSIXx_sv370_gWXfaZhjzQwNup9SK0mFE4cn2LtjSa3qC7x_xmXcrLjoiaDHdL_ka-RAfh1e-Md3t15QD8uWvtQ_a9BNH24myj1BGW1Dguj3OfsByr2DhHK967bwMUImaSGjmp9XwGndjpscahAw0Gj2DtBESyxe-RuiRuhTkSI1bI3SjcF4Cj7OR9uxKyZjfqHM5Z7Ek82iZel69lKe9_PeUaJc_skXrb4QaVALfD-VaFKp1wa_kzh0ZP812x4ECHzCOAtK3vmWNRsvNPApfrzfTcXMPZjGxodIdijvpw3ZEASi1vjYiC-THQzZhJqLkd646ZpDRtRf1R9-fyqdRncEuZzqy3sw1sw2NzO9nxqSRDkhCj_paQ8sgQmLu0DvRnRS14L919PWUFAHCJJ1n_dIUHuy8YPTQ7syLk8yXa0MlURypoeNePqNwau6LpR5jg2_fapDHIFqL_yeuefby45WVP8dBB462PtFYx9_er95rm32904OFbyUU7RZX8869N9j_FJslCrwPfOgopsWPnaoTlTRdpgmZ1Ai3j_9F-nPsddGGKSGrLhzKIbx0gIln8oE2IqfZBEN4TSUCXur0EQ9ZE7irDr_GSxVUXNxu1Cj-TndS1fbmIzNpmhl5ZRoqOT8Bh4yKdiXS-R_G54GOw1Ae6-HMujyRVuL8o61asrpvN6KC7L8R-R1VhRrLV0TfsWUN4YV_i0cuMbis6KHHp9L_mW_zc4oGCdquh5qKQM-j2iVtypN75DSWJFWhoIetOkF2NbBp9l2aCBfot9npTdUch3W1j8w6WKjCjmL_ezW4Qzi2EXStpsO5RNb50lUqk2D9ZXe7HPGjvpQdBdBNFRmfyVbAc22sK1JlGQQVZ1VdSNEiQVLz5E4y-lSjmOzog2cMW5he2r1Il4gQbFzDMtFb1_p3ZNAnEu_0qQjsuLIeD8XyF0atOgi_W2QnWmIFGuXSR8&sai=AMfl-YT7Lnyf276RGPa4vEZ1Oki8APNepc9sT-JqO5wV0qpuCLr6CPCFf75aKHVhiBzRWsIq06er5f7cJFD8JvkoBLsHOAgpUNsPPajFZAOWpWdh62DtybI3e2isw6C4qfNzEqTpk7GL8yDlj4itAKlrQE0VNDGiM25EegCG4tm_JGwM6o5616kjewbpH-xHdz9Ql2GLaQXbt6b9xumYR20HH4wJklI46-Ac2-_AHsfCCpLH3mbjsRAIvkB4YBd7OM4JeRK9sfvf1lauaZecXX1MtXyedtc8qe-5RlD6cfQMwsB_&sig=Cg0ArKJSzIR7i5jkpmP_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=607&vt=11&dtpt=510&dett=3&cstd=96&cisv=r20211111.47222&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

activityi;dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982 Show response
5994599.fls.doubleclick.net/ Frame BBA2
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982?

391 B
346 B

43ms
27ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982?

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

2d58a2f9b63c13880d447c94ce862b75a46eb33c9d4cfdfe086c69ff970ba1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 19:49:53 GMT
expires: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 22 Nov 2021 19:49:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 2511 7 KB
3 KB 35ms
12ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=50511bbf4b&subid=&uid=65bb2b0bc04727a2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1iq1X_SbYcvlN8OF7gOrybGgCbXN-YNX_Ni5q-UM8C4QASD3lKwwYJWCi4KYB8gBCakCqJicWSHksj6oAwGqBPQBT9DAohe_XQs_LF1bF0nMF_n5sXTanRtmAzmgj_ppJfHOw1l9BldLZRiE3DVGcCmEn_U3IvTlLS5HbCLng-ewa6gE4R8J6mfzNaGV4aX4xPACncvnjR-j1aNK4tsHV39-NtaNCaqkI3zLqJpvt9_k9QSK6tyZvkVmJGUxi9dpgSy5WmzWXcwZ0jzgYR_cy2aKTnXLFv0eP1Kc14heHA6SnE_HXS4G1AwVuOny9GsKQ-P5AbXNMa47xIcHIRSGny1c7sMX65NqY8OBsolc6h02toVnA2HF8O1oKScMLGHspRt6zm0GqausJcjsqmS6uX1o1l2W78AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoqXuXqHsAYEXQgmrNzA2jSA%26sig%3DAOD64_2wQWlH35o3fYEtDiCnWYxroaBKHg%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-CrK7fR_nd6OXuKEFDI8zJpESyyFl46vvv878jLp5tYStMH_ZPYbYYbJkt3uvF-80Erg4YLRcIbFMMZ_Wa1tJMeMH9aVGd-CJu4GvEhVmIz3bM6B9vpFxG1ODAi7GeVDrdSasayXo0jmIOPpINkoRpZQPyHCw%26cry%3D1%26dbm_d%3DAKAmf-DLlCuXfFZ4jDW12hOAboongVo4WPetiJgih8q6RGWIgWg2rTIwIEycBjwssICG5E8akfT_VcHmVHLzeajBYO9FuPxCkm1Wcf5bI_lBiMe_3U8d6tDdSWHX0RyuwXdxlamlqWR2YpIUDNYyDGRbWQsfnV7Q-BHUbAJHl_aaRD9srpvD8a7_crWcenR8Og--J5z5OeP7_XaMwo8VM-3YNQk0lgrPe7yHTR02PAVdvyZQE7URmdzDB3biHeR4QAmFOV35aiJpx5WTd3biwFAjrdbQQkavn1ZImAQanIIqV1z80R1wYWM4vDMt46c_LdF7uvG_gsCGknnL9rR7YK2kXyAST4_6ZecR7S4vfnMWCGYrVEPJJChNAqM2XYKJr4pDiCgXKIpSXMcviRlgQyYnAt7Q43NgzsCHKt1yU50UjGgxihXZVzTSNLdv8q2SLjykscD1NCMc173Ku9Q0n5E7bpMyEHDVvQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9936501349065&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 06b781625c8d0577f135ee01ef147916332782d0c80701dd2f8ae591a6705c1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 22 Nov 2021 19:49:53 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2318
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DFD8 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 13:26:12 GMT
expires: Tue, 23 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23021
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5E79 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44e5cce4833156616ef9c01a06fdae59ab2cf464f2730999e24106351bb73277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 51C1 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 11:03:30 GMT

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame EE06 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 11:03:30 GMT

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AFE 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 11:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 11:03:30 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 8E30
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=22675ca7-831e-4502-9479-219d365aee46&dongle=0cfd

37 B
353 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=22675ca7-831e-4502-9479-219d365aee46&dongle=0cfd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=22675ca7-831e-4502-9479-219d365aee46&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

xuid
eb2.3lift.com/ Frame 8E30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFzVou2VAk0dnGUs_5cH3XI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
353 B

11ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFzVou2VAk0dnGUs_5cH3XI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFzVou2VAk0dnGUs_5cH3XI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8E30
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 8E30 0
598 B 390ms
139ms Image
text/plain 2620:119:50e8:101::9002:f05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=13626804120658146823&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e8:101::9002:f05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: Gu0ZoCj2uRZA/Av74CoAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 8E30
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/13626804120658146823?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-R99C4n1E2oQ1DCxStT6oUCmtCN8j.YcUHXTtjyIxxA--~A&dongle=0883

37 B
353 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-R99C4n1E2oQ1DCxStT6oUCmtCN8j.YcUHXTtjyIxxA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 22 Nov 2021 19:49:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-R99C4n1E2oQ1DCxStT6oUCmtCN8j.YcUHXTtjyIxxA--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

xuid
eb2.3lift.com/ Frame 8E30
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=13626804120658146823&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=13626804120658146823&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=70&user_id=3056486475530267447&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=066e7bdc-27ce-4994-b0d5-32e928c4baf0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
353 B

13ms
13ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=066e7bdc-27ce-4994-b0d5-32e928c4baf0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=066e7bdc-27ce-4994-b0d5-32e928c4baf0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 22 Nov 2021 19:49:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 c.gif
c.bing.com/ Frame 8E30 42 B
592 B 71ms
38ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=13626804120658146823&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1485F94C08FE42289EBED6A7640F8E9D Ref B: FRAEDGE1311 Ref C: 2021-11-22T19:49:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 8E30
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=13626804120658146823
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13626804120658146823&dcc=t

0
0

128ms
127ms

Image
text/html

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13626804120658146823&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N5JB58XJ3NE9XVV88BKY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=13626804120658146823&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 8E30
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0

37 B
139 B

13ms
12ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 8E30
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=2381274326146706719&dongle=d407

37 B
353 B

11ms
11ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=2381274326146706719&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=2381274326146706719&dongle=d407
pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK setuid
ib.adnxs.com/prebid/ Frame 8E30 43 B
2 KB 8ms
7ms Image
image/gif 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=b&uid=13626804120658146823

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a64cd60d-f117-487c-aec2-3553d6952583
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 1A0F 568 B
724 B 18ms
18ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4285695&adjsver=3&fvers=&iframe=1&ref=https%3A//www.controle.50emais.com.br/&ro=https%3A//011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&kid=2958451&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxnM9YPSbYeP7Ipm4gAeErLXYBLqxmL5mguizgYcP8C4QASD3lKwwYJWCi4KYB8gBCakChgILxDfosj6oAwGqBPoBT9Ao3T3TW1bdwEPU7EwdpylP0Y%5FYAG2umO0v94uaeG7iVRta8EcZvltyDvea5jdKFXMa5UmJ01DJcvdk0jKEwJnJBX5za%2DKoWmT1f3MR22ZJOjLswAasmk9bttKbEr6lij%2DiyEIgltue1pchqC9IayuGgA9M1%5F0XlhoF%5FgfB90zCKTOUqDzFZnO%2DStghvSqrkKyV9BAPjfKDC27ibO1ty0mQcnZ71R0Qavm1uAYKlc9nSBeV9WrQgwNXkJjIvdf0I0Yez0aPbC5Rf5vmNHHYMiIuGp4RC%5Fh4l5ffayesUZuQMQJPSYoDpnzxMyCLGzjX%5FjWPRBxxuNwU%2DsAE%5FOTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRofMefjs%5FXpyo5I3wNAhM8hg%26sig%3DAOD64%5F0Ua3yTGQSmks4XAXJgBy0IZyC06A%26client%3Dca%2Dpub%2D3619045887187031%26dbm%5Fc%3DAKAmf%2DB%2Dl9e9MuA8Sd5dRW%5FiQlsUXg%2D7UCM6Zy7mhy7WEDA4IO01aNMNpM6UZJC3fqjOJUrVZtnnpbzQA7xPqFCxZu0L6nKZPFxfApISSMqdox53LE8HS7AVnBZR2eYAnpL7QlPDOt3urakTKI5IiVQtwYbu4xsgPQ%26cry%3D1%26dbm%5Fd%3DAKAmf%2DDGjHu%2DoDUfHrNYP9G6lfoR1x85m8XFRjC9z9JtOrwWkLVY1zLB%2DoCQvVEKbqNUHRktwhKqbETAnDgAnIASG2HPRWPFBxQ03Oel0cklECCjVvT5t2HrdrJFkmSUs4Gm28DOo9h8BOTSh0KfvfdZKy2IE1w8xdKwhYGI%2D51xNift%2D31YwUklnR9BadbA4zLGcR5kGQnylW5Oa2MLhirgkoSldHqaSj0tC%5FLhIyPlkNHBUvB97cb5AdYg7GFdX1eewCbNokL3I3gRQF%2Dksj7cpNUF4Xowmj5pS%2D3FdEhmuiqy6D1pZLQ8BBXNE%2DDAIEEWwYUnRe9p8D4kd1%2DG9FIgd%2DQFIgs7fBNlOMuhzj6F2uMJD7c7bpxOde26M1JZpSX%5F25n9l5Fgs67oq4PzVs%2DrWFu4uiqzeUa%2DeX2sDvTp5vhDoLmPS7BOWTBtiwtdfRAMNLAMSgj23QqoKSiWmzl1r%2DIUqflfaA%26adurl%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCxnM9YPSbYeP7Ipm4gAeErLXYBLqxmL5mguizgYcP8C4QASD3lKwwYJWCi4KYB8gBCakChgILxDfosj6oAwGqBPoBT9Ao3T3TW1bdwEPU7EwdpylP0Y_YAG2umO0v94uaeG7iVRta8EcZvltyDvea5jdKFXMa5UmJ01DJcvdk0jKEwJnJBX5za-KoWmT1f3MR22ZJOjLswAasmk9bttKbEr6lij-iyEIgltue1pchqC9IayuGgA9M1_0XlhoF_gfB90zCKTOUqDzFZnO-StghvSqrkKyV9BAPjfKDC27ibO1ty0mQcnZ71R0Qavm1uAYKlc9nSBeV9WrQgwNXkJjIvdf0I0Yez0aPbC5Rf5vmNHHYMiIuGp4RC_h4l5ffayesUZuQMQJPSYoDpnzxMyCLGzjX_jWPRBxxuNwU-sAE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT4ZXKCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRofMefjs_Xpyo5I3wNAhM8hg%26sig%3DAOD64_0Ua3yTGQSmks4XAXJgBy0IZyC06A%26client%3Dca-pub-3619045887187031%26dbm_c%3DAKAmf-B-l9e9MuA8Sd5dRW_iQlsUXg-7UCM6Zy7mhy7WEDA4IO01aNMNpM6UZJC3fqjOJUrVZtnnpbzQA7xPqFCxZu0L6nKZPFxfApISSMqdox53LE8HS7AVnBZR2eYAnpL7QlPDOt3urakTKI5IiVQtwYbu4xsgPQ%26cry%3D1%26dbm_d%3DAKAmf-DGjHu-oDUfHrNYP9G6lfoR1x85m8XFRjC9z9JtOrwWkLVY1zLB-oCQvVEKbqNUHRktwhKqbETAnDgAnIASG2HPRWPFBxQ03Oel0cklECCjVvT5t2HrdrJFkmSUs4Gm28DOo9h8BOTSh0KfvfdZKy2IE1w8xdKwhYGI-51xNift-31YwUklnR9BadbA4zLGcR5kGQnylW5Oa2MLhirgkoSldHqaSj0tC_LhIyPlkNHBUvB97cb5AdYg7GFdX1eewCbNokL3I3gRQF-ksj7cpNUF4Xowmj5pS-3FdEhmuiqy6D1pZLQ8BBXNE-DAIEEWwYUnRe9p8D4kd1-G9FIgd-QFIgs7fBNlOMuhzj6F2uMJD7c7bpxOde26M1JZpSX_25n9l5Fgs67oq4PzVs-rWFu4uiqzeUa-eX2sDvTp5vhDoLmPS7BOWTBtiwtdfRAMNLAMSgj23QqoKSiWmzl1r-IUqflfaA%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 20:49:53 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BB51 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame E105 52 KB
52 KB 82ms
18ms Image
image/jpeg 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=17138600208629500710616011786001&a=4171ec3d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 2511 89 KB
32 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 09:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 09:35:41 GMT

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 2511 44 KB
44 KB 50ms
19ms Image
image/jpeg 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Last-Modified: Mon, 20 Jun 2016 09:28:47 GMT
Server: nginx
ETag: "5767b74f-af88"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 44936

GET
H/1.1 200
OK 0s3p1fkb96mt Show response
ad.ad-srv.net/zone/ Frame 1A0F 10 KB
3 KB 42ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/0s3p1fkb96mt?subid=&redirectClick=
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 556b9c48c9f361ff90a341f559278f7b6e785497a8938882f644bc5da77c9c91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2657
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame E105 0
150 B 37ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=17138600208629500710616011786001&a=3e6eb198&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=17138600208629500710616011786001&a=4171ec3d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=17138600208629500710616011786001&a=4171ec3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame E105 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982
adservice.google.com/ddm/fls/z/ Frame BBA2 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjAzu3erPQCFTIgBgAdMwcGjA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4388042477225.982?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931
adservice.google.com/ddm/fls/z/ Frame 1D4F 42 B
63 B 45ms
45ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLbAzu3erPQCFXQcBgAd3I4Nrg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6191729192893.931?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9B19
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBOd1D6iNuHVFDq-xkiDR5k&google_cver=1&google_push=AYg5qPKBqYXQt-jhFtZOBUzGq-dkXFWrI1gQDyZ0yTj5rqqguVbugXQl0BBt8yjy7tlopvXIhtwUX_adSM8KGtSLK-14VjebKxA0
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM4MTI3NDMyNjE0NjcwNjcxOQ==&gdpr=0&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1

43 B
407 B

20ms
20ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEMhJZ0z0ymD4WZ5Z9wMZSYo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9B19 35 B
210 B 11ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAL0OBx3a4c9Ak9p_H2xSQM&google_cver=1&google_push=AYg5qPKGl2LO_TXViL1OVnjJpPycXG_3V1km7V9d5NmJhANt5OXCh40gqPtLtwqrcQjVQePOYd9tJt1gW4IaVPlJk_9VOdYSZWPrDQ

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B19
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEt4T1YjbA6gB620kk5sSaw&google_cver=1&google_push=AYg5qPJxS7bokN-AiHRIEUIPyMMM_jC4pnRkAqnnY7K6bSGiQOWQ_h2V25CRKXgd6M8MM9MUf7TrpmPXYFU...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJxS7bokN-AiHRIEUIPyMMM_jC4pnRkAqnnY7K6bSGiQOWQ_h2V25CRKXgd6M8MM9MUf7TrpmPXYFUD-8kHaLIdvHC9EOE-XQ&google_hm=lNNsOsDHT9KgmgJYzs...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJxS7bokN-AiHRIEUIPyMMM_jC4pnRkAqnnY7K6bSGiQOWQ_h2V25CRKXgd6M8MM9MUf7TrpmPXYFUD-8kHaLIdvHC9EOE-XQ&google_hm=lNNsOsDHT9KgmgJYzs7W6go

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJxS7bokN-AiHRIEUIPyMMM_jC4pnRkAqnnY7K6bSGiQOWQ_h2V25CRKXgd6M8MM9MUf7TrpmPXYFUD-8kHaLIdvHC9EOE-XQ&google_hm=lNNsOsDHT9KgmgJYzs7W6go
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B19
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJMCF14hs9a6BbO-qLwe0vg&google_cver=1&google_push=AYg5qPIwv6mIH3h41y8Yryv0mLr391TxdSS72-xndargKcVNERwvfFjYaH6NT0MvhhWFkqehospVKRzBg1YhxZ...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIwv6mIH3h41y8Yryv0mLr391TxdSS72-xndargKcVNERwvfFjYaH6NT0MvhhWFkqehospVKRzBg1YhxZKxkYG11yVdYZS-&google_hm=hmGb9GGl9IBZCYY7X...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIwv6mIH3h41y8Yryv0mLr391TxdSS72-xndargKcVNERwvfFjYaH6NT0MvhhWFkqehospVKRzBg1YhxZKxkYG11yVdYZS-&google_hm=hmGb9GGl9IBZCYY7XA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D619BF461A5F4805909863B5CBLIS

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPIwv6mIH3h41y8Yryv0mLr391TxdSS72-xndargKcVNERwvfFjYaH6NT0MvhhWFkqehospVKRzBg1YhxZKxkYG11yVdYZS-&google_hm=hmGb9GGl9IBZCYY7XA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D619BF461A5F4805909863B5CBLIS
date: Mon, 22 Nov 2021 19:49:53 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B19
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELKMw75CCITErcSwgvMJdUE&google_cver=1&google_push=AYg5qPKHwxGz4MnkeeF2Trl7XofvQtmRBpvJHOLLMIjXYJN8QNHccJ4031aUWkSf2bevlp94vY7-lygEQzdh9Ym3g_36...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHwxGz4MnkeeF2Trl7XofvQtmRBpvJHOLLMIjXYJN8QNHccJ4031aUWkSf2bevlp94vY7-lygEQzdh9Ym3g_36-rsEcH8MWA&google_hm=Bm573CfOSZSw1TLpKMS68A==

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHwxGz4MnkeeF2Trl7XofvQtmRBpvJHOLLMIjXYJN8QNHccJ4031aUWkSf2bevlp94vY7-lygEQzdh9Ym3g_36-rsEcH8MWA&google_hm=Bm573CfOSZSw1TLpKMS68A==

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHwxGz4MnkeeF2Trl7XofvQtmRBpvJHOLLMIjXYJN8QNHccJ4031aUWkSf2bevlp94vY7-lygEQzdh9Ym3g_36-rsEcH8MWA&google_hm=Bm573CfOSZSw1TLpKMS68A==
Date: Mon, 22 Nov 2021 19:49:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B19
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE7PK5uv_iwA2xDzuSHaMd8&google_cver=1&google_push=AYg5qPLo5HOhT5cnHJelmOKUR2ZXDMaj2crNkgsYRqK1r3NwAVK1Qxs2259R-YSiXZtlVok-Lfsyef1ZxfOkQNlU7SPmAkTtiu...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLo5HOhT5cnHJelmOKUR2ZXDMaj2crNkgsYRqK1r3NwAVK1Qxs2259R-Y...

170 B
188 B

32ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLo5HOhT5cnHJelmOKUR2ZXDMaj2crNkgsYRqK1r3NwAVK1Qxs2259R-YSiXZtlVok-Lfsyef1ZxfOkQNlU7SPmAkTtiuhggA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2MjY4MDQxMjA2NTgxNDY4MjM%3D&google_push=AYg5qPLo5HOhT5cnHJelmOKUR2ZXDMaj2crNkgsYRqK1r3NwAVK1Qxs2259R-YSiXZtlVok-Lfsyef1ZxfOkQNlU7SPmAkTtiuhggA
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 9B19 0
75 B 105ms
21ms Image
text/plain 185.86.138.120
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIdwpakc5jFWYhwFmPy1WK0&google_cver=1&google_push=AYg5qPJmokWMLEzkLERFm3gYeusGtl6O9cDbfgk88AaXcea-LWdHtp1GJTpB_RNE2_UOOoRc1cFcqjbYgPEv9dP_2zWsw2gAHMqzXA
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.120 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9B19 0
12 B 30ms
29ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I83p8reMXyGAfYDM-0hzWT0ZZCY09LNdwtkOoELDawt7nLe_t7TdNmjkob0QeuVn-1BHoy

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame DFD8 35 B
210 B 14ms
13ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAL0OBx3a4c9Ak9p_H2xSQM&google_cver=1&google_push=AYg5qPKKNnP_ZLiDk0LIz5qPzBGpoRmN8UHavXCy4aFnz3_Auq-JIdGbIr_CxEOD_BjUu_yD3XX5TNzRSh7CDYBqsWIVTHRhwfFMnQ

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFD8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&google_cver=1&google_push=AYg5qPIb_l65-YKWMiKR6y4Xqk5vDVvcOJTaW34rIMxDID0...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&google_cver=1&google_push=AYg5qPIb_l65-YKWMiKR6y4Xqk5vDVvcOJTaW34rIMxDID02xnMcnnu71tdiD-4DqexzcBUXDmf5lldCh1q853j4hSOchr0HvmiqWg

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESELZaexKyo7tcR6Jj7yOACbY&google_cver=1&google_push=AYg5qPIb_l65-YKWMiKR6y4Xqk5vDVvcOJTaW34rIMxDID02xnMcnnu71tdiD-4DqexzcBUXDmf5lldCh1q853j4hSOchr0HvmiqWg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame DFD8 70 B
264 B 40ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP6j1nYIWdvEamqLsaCvbiY&google_cver=1&google_push=AYg5qPLjSIhlDoRxKoaQMdqOs6_zQKL-0KJCtd36Iy8hZbeZVN3qADxOZwKO054UKyCIY_zCrp6hFBnDdLqCgx8B-SZt1vligtGQ
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFD8
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEt4T1YjbA6gB620kk5sSaw&google_cver=1&google_push=AYg5qPL249DywhZgNxO_3ef3TZ5CMj4w0Gsp0ydm1W4GaXrciBmFu-mpH8Cvz7MGb8VRt_d_QZjl9bipYgj...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL249DywhZgNxO_3ef3TZ5CMj4w0Gsp0ydm1W4GaXrciBmFu-mpH8Cvz7MGb8VRt_d_QZjl9bipYgjgKFI_lnGk_G85wBtzhg&google_hm=lNNsOsDHT9KgmgJYzs...

170 B
188 B

29ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL249DywhZgNxO_3ef3TZ5CMj4w0Gsp0ydm1W4GaXrciBmFu-mpH8Cvz7MGb8VRt_d_QZjl9bipYgjgKFI_lnGk_G85wBtzhg&google_hm=lNNsOsDHT9KgmgJYzs7W6go

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL249DywhZgNxO_3ef3TZ5CMj4w0Gsp0ydm1W4GaXrciBmFu-mpH8Cvz7MGb8VRt_d_QZjl9bipYgjgKFI_lnGk_G85wBtzhg&google_hm=lNNsOsDHT9KgmgJYzs7W6go
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFD8
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK-tDPbvwud_Rw8T3kBT16o&google_cver=1&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZ...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK-tDPbvwud_Rw8T3kBT16o&google_cver=1&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZ...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=P0tsWESiaGE1fCqLI-f73g&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZJxq_-5wfcBBudJJLYcDD...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=P0tsWESiaGE1fCqLI-f73g&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZJxq_-5wfcBBudJJLYcDDAol1d1e_GRzUXlu5nh9

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=P0tsWESiaGE1fCqLI-f73g&google_push=AYg5qPL7RUSwVpYiAn2Kv4PkL05dhxPMAeNzIoKOV8Vf8mVjsmWdPMQrpaOEZJxq_-5wfcBBudJJLYcDDAol1d1e_GRzUXlu5nh9
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFD8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELKMw75CCITErcSwgvMJdUE&google_cver=1&google_push=AYg5qPIjnfbT-pJZemwc2vzugQDFezvpPnhYAWA4J4nGEWSDMwY4P-kjwbvNkr7v6UaJGCSCX4vkgzRdRTik1j4DiTsf...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIjnfbT-pJZemwc2vzugQDFezvpPnhYAWA4J4nGEWSDMwY4P-kjwbvNkr7v6UaJGCSCX4vkgzRdRTik1j4DiTsf1aY2ZvMCpw&google_hm=Bm573CfOSZSw1TLpKMS68A==

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIjnfbT-pJZemwc2vzugQDFezvpPnhYAWA4J4nGEWSDMwY4P-kjwbvNkr7v6UaJGCSCX4vkgzRdRTik1j4DiTsf1aY2ZvMCpw&google_hm=Bm573CfOSZSw1TLpKMS68A==

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIjnfbT-pJZemwc2vzugQDFezvpPnhYAWA4J4nGEWSDMwY4P-kjwbvNkr7v6UaJGCSCX4vkgzRdRTik1j4DiTsf1aY2ZvMCpw&google_hm=Bm573CfOSZSw1TLpKMS68A==
Date: Mon, 22 Nov 2021 19:49:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DFD8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGgKSqQXwQmL0tWiC2T31gk&google_cver=1&google_push=AYg5qPLuOLcuqX-m9bsz8lz8LI4iHbZ8zzN5_JRArnw54pXb1Ql9tAxTg1jEj6aYIdAO5Lyj6cF2nG6V24B84e9-s5byO7R...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuOLcuqX-m9bsz8lz8LI4iHbZ8zzN5_JRArnw54pXb1Ql9tAxTg1jEj6aYIdAO5Lyj6cF2nG6V24B84e9-s5byO7RQAVhaPA&google_hm=NzM3NjI1ODc3MDU0OTk5...

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuOLcuqX-m9bsz8lz8LI4iHbZ8zzN5_JRArnw54pXb1Ql9tAxTg1jEj6aYIdAO5Lyj6cF2nG6V24B84e9-s5byO7RQAVhaPA&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 19:49:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuOLcuqX-m9bsz8lz8LI4iHbZ8zzN5_JRArnw54pXb1Ql9tAxTg1jEj6aYIdAO5Lyj6cF2nG6V24B84e9-s5byO7RQAVhaPA&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DFD8 0
12 B 25ms
25ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGRxCjcdaoOhsKDTAFkz9YOK92gYUskiMU_KrvfMt2lXPkGRpmj66F24-0_Vnld8ANDaUw

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 2511 0
150 B 46ms
12ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=14541200197103000710612011786008&a=a4cedcfc&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2511 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

request.php Show response
ad3.ad-srv.net/ Frame 1A0F
Redirect Chain

https://ad3.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...
https://ad3.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...

2 KB
1 KB

58ms
36ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad3.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9178980729899&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.117 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f37f39febf8b5da433eb69c29cdb01e84db5d46f2da128cfb3baec34d904ad9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 24479700155119200383828011786003
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 731
Expires: Mon, 22 Nov 2021 19:49:53 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9178980729899&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 22 Nov 2021 19:49:53 +0100

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame BB51 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 08:29:26 GMT

GET
H2

200

onepixel.gif Show response
tracking.mlsat02.de/ Frame 9D78
Redirect Chain

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=24479700155119200383828011786003&gdpr=&gdpr_consent=
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1637610594_&cachebuster=1637610594&awv=11430_473322_1637610594_5ced30b3-4bcd-11ec-9d3...
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTIwMDQ5OTQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2Mzc2MTA1OTRfNWNlZDMwYjMtNGJjZC0xMWVjLTlkMzktMjIzNmMwZG...
https://tracking.mlsat02.de/onepixel.gif

43 B
129 B

14ms
13ms

Document
image/gif

51.178.130.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.mlsat02.de/onepixel.gif
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9178980729899&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3169999.ip-51-178-130.eu
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

server: nginx
date: Mon, 22 Nov 2021 19:49:54 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 19:49:54 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
P3P: CP="NOI CUR OUR STP"
Location: https://tracking.mlsat02.de/onepixel.gif
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Length: 20
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK request_content.php Show response
ad3.ad-srv.net/ Frame 9170 3 KB
2 KB 33ms
11ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=b9adda8ffc&subid=&uid=69fca89826df9b1e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.controle.50emais.com.br&random=9178980729899&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 279d8262aa7ef988bf58c2ebecb6bd6776a506bafdbc94c9b2698873fb5ff68d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

Date: Mon, 22 Nov 2021 19:49:54 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 22 Nov 2021 19:49:54 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1211
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A841 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Nov 2021 13:26:12 GMT
expires: Tue, 23 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 23022
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1A0F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0b3afe7215fdf3870c1a11be2dc11640d5619b1903b514188a62664acee716d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 9315
Redirect Chain

https://sync.adtelligent.com/csync?t=p&ep=0&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dadtelligent%26gdpr%3D%26gdpr_consent%3D%26uid%3D%7Buid%7D
https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=406809d7cf964f80

43 B
2 KB

24ms
24ms

Document
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=406809d7cf964f80

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

Server: nginx/1.17.9
Date: Mon, 22 Nov 2021 19:49:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
AN-X-Request-Uuid: 23b7ce07-6a8a-4abe-859f-c4188cdc0ac5
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com

Redirect headers

Server: VertaMedia 1.0
Date: Mon, 22 Nov 2021 19:49:57 GMT
Content-Length: 0
Etag: 406809d7cf964f80
Location: https://ib.adnxs.com/prebid/setuid?bidder=adtelligent&gdpr=&gdpr_consent=&uid=406809d7cf964f80

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 9170
Redirect Chain

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950...
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&...

1 KB
1 KB

78ms
20ms

Script
text/javascript

37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad3.ad-srv.net%2Fc%2Fcmvj7c148qmq1w5%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Requested by

Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54

Protocol

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e10f5db5dafa800c6ae93574bb95064d71f14276f5c05b1b1d360b25cbb5393e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 821
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad3.ad-srv.net%2Fc%2Fcmvj7c148qmq1w5%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9170 0
0 28ms
28ms Image
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2950366&v=11430&q=361931&r=473322&pref1=24479700155119200383828011786003&gdpr=&gdpr_consent=
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
ad3.ad-srv.net/ Frame 9170 0
150 B 34ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad3.ad-srv.net/viewability?s=24479700155119200383828011786003&a=2c99e169&vb=m
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:54 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A841 0
103 B 15ms
12ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO_4yh0Bxot1Pu3lK1g_EHU&google_cver=1&google_push=AYg5qPI9IRvBpglBw8LF7ShATiSYk0YwW6FnX6KsN31eEJeN9B8vaZOGWYO576oq0Wp2yZv9CQomsQgexcKojNVLUD9-YKzw7Yo
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A841
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPqA68jgWhAmnK-DWee0u2g&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESEPqA68jgWhAmnK-DWee0u2g&google_cver=1&google_push=AYg5qPLeHd_nH4JJLAX8nTot1u_Bh3Zk-G79aJLNwPuLTo5...

170 B
189 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESEPqA68jgWhAmnK-DWee0u2g&google_cver=1&google_push=AYg5qPLeHd_nH4JJLAX8nTot1u_Bh3Zk-G79aJLNwPuLTo5b2fVL8fIHRCCPIODBnI4LUozaJVFCfk_FrFVxsnz73JwRkST8UJA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:53 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFA0Y25MeFoxTVBmazU1&google_gid=CAESEPqA68jgWhAmnK-DWee0u2g&google_cver=1&google_push=AYg5qPLeHd_nH4JJLAX8nTot1u_Bh3Zk-G79aJLNwPuLTo5b2fVL8fIHRCCPIODBnI4LUozaJVFCfk_FrFVxsnz73JwRkST8UJA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame A841 43 B
742 B 238ms
203ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEPX8Glarp-7UJYn5v2mHm8g&google_cver=1&google_push=AYg5qPKaga45wJmfG1RNTFUIvM1RWUFiyE15TLT3U6xyc9adzS7oye9f-iNLlwUcwCiH3MmA69yIewG_7mkfyRHU4NhP2kbY4QA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKaga45wJmfG1RNTFUIvM1RWUFiyE15TLT3U6xyc9adzS7oye9f-iNLlwUcwCiH3MmA69yIewG_7mkfyRHU4NhP2kbY4QA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b24af064b7bf927-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A841
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEngho91L3PDlX25j0a_QTY&google_cver=1&google_push=AYg5qPLKtLEhfGBauODYahG6PHe8xKI8oK0CKolju91oiC4RPYkLHfAXwNxZA4YiMjfRIf1eRVlxphU7_xU611...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLKtLEhfGBauODYahG6PHe8xKI8oK0CKolju91oiC4RPYkLHfAXwNxZA4YiMjfRIf1eRVlxphU7_xU6114VY5h9wR842d0&google_hm=hmGb9GGl9IBZCYY7XA...

170 B
189 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLKtLEhfGBauODYahG6PHe8xKI8oK0CKolju91oiC4RPYkLHfAXwNxZA4YiMjfRIf1eRVlxphU7_xU6114VY5h9wR842d0&google_hm=hmGb9GGl9IBZCYY7XA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D619BF461A5F4805909863B5CBLIS

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLKtLEhfGBauODYahG6PHe8xKI8oK0CKolju91oiC4RPYkLHfAXwNxZA4YiMjfRIf1eRVlxphU7_xU6114VY5h9wR842d0&google_hm=hmGb9GGl9IBZCYY7XA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D619BF461A5F4805909863B5CBLIS
date: Mon, 22 Nov 2021 19:49:54 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A841
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFV6t_RZIcms-lFzUE0l5Hs&google_cver=1&google_push=AYg5qPJoxVP9EFI17T6Cj5uuwabwVRaTlj4j3cyWXqdhZrVRbjpIXo25lhL9XFxBVnd7Ls9roU2kFePSlW8zIQ8F1EW3nhz...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJoxVP9EFI17T6Cj5uuwabwVRaTlj4j3cyWXqdhZrVRbjpIXo25lhL9XFxBVnd7Ls9roU2kFePSlW8zIQ8F1EW3nhzMbjM&google_hm=NzM3NjI1ODc3MDU0OTk5NjU...

170 B
189 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJoxVP9EFI17T6Cj5uuwabwVRaTlj4j3cyWXqdhZrVRbjpIXo25lhL9XFxBVnd7Ls9roU2kFePSlW8zIQ8F1EW3nhzMbjM&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Nov 2021 19:49:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJoxVP9EFI17T6Cj5uuwabwVRaTlj4j3cyWXqdhZrVRbjpIXo25lhL9XFxBVnd7Ls9roU2kFePSlW8zIQ8F1EW3nhzMbjM&google_hm=NzM3NjI1ODc3MDU0OTk5NjUyNA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A841
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENn57ToEMvcFMx0JH4C37rs&google_cver=1&google_push=AYg5qPJf_VPjPMXEH2xFlIknfnPUzHUPamjIQeVnhbp2ma7aDDswq9aFHESZEOALTygEOZQB9Dew3xGJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPJf_VPjPMXEH2xFlIknfnPUzHUPamjIQeVnhbp2ma7aDDswq9aFHESZEOALTygEOZQB9Dew3x...

170 B
189 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPJf_VPjPMXEH2xFlIknfnPUzHUPamjIQeVnhbp2ma7aDDswq9aFHESZEOALTygEOZQB9Dew3xGJYJ3VG8Tkcw7BCumYPsk

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA1NjQ4NjQ3NTUzMDI2NzQ0Nw&google_push=AYg5qPJf_VPjPMXEH2xFlIknfnPUzHUPamjIQeVnhbp2ma7aDDswq9aFHESZEOALTygEOZQB9Dew3xGJYJ3VG8Tkcw7BCumYPsk
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 dot.gif
s0.2mdn.net/ Frame A841 43 B
71 B 46ms
45ms Image
image/gif 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEGIA6Fg1RBnxQQwhG4ki2OU&google_cver=1&google_push=AYg5qPJrtIguxzplHSYRSly2-C3zLRKjA6zE_ty6cmI9pJt7hRZAZZw5lp85kSx7EAC08DpXlEGe73ipStafk9uWkSPNNLjhHF8-

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 19:49:54 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A841 0
12 B 16ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzxnusK_asrCdbjMJgmsnZDXWCeU71ntaUwiWhIw7JmzXufEFAww3J-lXwIzzeW1QWaMzTCA

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE06 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK7rMX_SbYc_lN8OF7gOrybGgCQAAAAA4AeAEAg&bg=!6-il6KzNAAZQLpa_UC47ACkAdvg8WhyWxgcPYyjr_5P5c-pFPsfndfdVz3DyvGpFIuyr7JoV439GHQIAAAHZUgAAACdoAQeZAuVPmPupZs_YBZHfara1mKD4mJvcJK8lnFxQAuuUMN04o0pyIc04oisiKXTY21G_fz16UXgjx5PdoxX0eARW-NH31bLqZumD2Cil4445Ixwk50oCbDONmX9W8xRE0MTg24Rmc_Wk1gp_tnUzlWooOtZvi3cLyrPU6y1PnN-rKQOeNF0jOq89HEsAB1ukAxYdzoYz5aL7CBb7c7HBr_cjnbHiv6kWZWLmFI-bVddLFU83cAS-pnmFK55JPvPP0F8EMhSz0KSE2QCuX6HyRIGKvFiJ5FiH2ffaFrW0QJ0dJo-h0Mc7b6AYBoYZ2cQjwpLdoE1pXXm9ETi3N_OZz_NoVwjFCNNg0M8pPQZvamoSteTxjUxwwpJoqfsjcHfZxGH01D5SYt7sKS5QXM14oxNuJWmMCw1flAsgXDt6TGXWFGUQwhYwWk3npDTjWqiZ24OhakI7Ox26PWXg7fMAuyOg8uqUvdsddj43krYYY2T4xtzBUeW8gSz4kjraHMIDx-ADFyn00EiPoRmVd2fkdNQm-4dehtX24aPxmGI88zzklX5oBOUFUL-l82DHkoHvsJswwSOcWJxaLU5OTdiAaNjH8vh63tkqM6kuD5vYg6Hic5Jv231HUzDxT3uFdgS1pZ6Cg9MZneqI_NMx5H96rve3LuJyfabrz9aX4NH6uRhr9ZGnKzksW7yNGyTdUFApgGUppwf7SMd-01M_V_gMhdhxeDdIiouM9Sa2ETvgsBuSPdrXPNzYXMlTK2QiCxvlQ694HF9sw3nyK_dbU5n78VejHF7bUvsBmN9Bh07_gMgJh2CEl-FBWo5OyDDz_4kMfiTR1U2RdUNo5Jg11haRvXu0mgnw1Bd1rfDPdvTbSKMT_FJbmPhnLU5uoJrdy7W77EpE8IS-XryigujJWRKXgSauUSXyhpQhxKgDI0VWUqOCnYTSU_vS60sgJBfMWeSM6sGvYofX7TWV1MbMRl7uA-cBMrXTmJYgraY

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A574 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXy8IYPSbYa_oLc2tgQfWyowYAAAAADgB4AQC&bg=!JCelJ2PNAAZQLpa_UC47ACkAdvg8WuiS5Z8Kqn6gmhw6FNDAEa5VB7-snw2SPzmPHD4pYZuvXG4iGwIAAAKDUgAAACZoAQeZAuAI7Ds-s8QYwd-YAqoXjBJMSK3SqyCETTNdBXJFoC0PzN2KOsszDdDtdTXEN0BdYdvt4XQOD2m-uFNKHBVFn7cYDrkYagp4EY3-v7Oh--erPglmxsR4VNS6PVZ-4M4eQ3nW4LzrbmNPyUHpsN0451Owmb3jbI35v3lp4B29l6XWDkicn6lBds6OhgJzUBWYJKpeHWNhqGzdZZ45H3OjacyHJwD90d5pz2E21fx48soG9DukZcIwbFnROPd3A5TzRIPT9PwMFWaE1oA-ndl0tHulsQmjDER1szdSmzXbKgYXXAq0uk_4O8UZT3-3UMuWIjv3Iy7LLANqQdWs3g45FEPDFoeN1vx3jNdfuUOsJ7bIC7GPCKMOO_i6WrhvONvluqY3h796gRcc_ej9TLnqz0wgWZ7GpafgYxIhFgGx-utGe3cQ0i3NnSdMXMtAlCKdTzQh8UUQgn2w2oZX6zScCUheTeznDQEJZWi9LM_g9Ht1NT7d7zYTEVj3XeW4eRwSEsVF8b2ZvvIC83CS3-jGbMtAwKyLrIFRj_CpJit8CSiCMJQaaTATYsSsAkdtk6lGsAAmZeF-YvKX1fXPdEdEyQZUv1yvANIY8v4GXVE_c4QHSCDX1-hrrVdI1qTrdlhkZiE_Z3n2CI9bqh7Hu3W7JJK69sTsaWH-cinlsXFzJZUAS3Bu4xyYfqntz9-r0J-DfYuwv-t_pfV-fk6xqRzWBCuB9Su-VQiVe4qIvqj8FyJYufG7lhKrLtkeFZuFdDqW-HdkGWXe8zfbnBhWJKOeHOwXZo31eNpfUVO6Fq5RwLaOQYKvlGa2OVycHfDVonKDceTpOR1yKgLttydNccT7Eg4cjc-U4dpMzkV1n7gfrn8AYt2-dW6gPtuPESnZ2cAzhp3XlbRcGqOnWcHli2uIFgvFpju7Iamkv07M6YrBKKUkV05Oq0lH9RTim3pog3AUHSQl0__UsriGGqtC3sIqzRdn

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AB5 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj7csX_SbYc7lN8OF7gOrybGgCQAAAAA4AeAEAg&bg=!_v2l_bnNAAZQLpa_UC47ACkAdvg8Wtlq2mgWR0rH5Xj9clgd4NKgQi15qncsmbaIfC7yAuu4F6JHAAIAAAJyUgAAACVoAQcKAGLL6lD-GpMzZqI4HPf2DbwdhkaL-_TL5VYFwzLyaQDljVcacKI75OWC3GOKNwJt89-NPPSboaYtwaDfAELee6LWYcGgTK-3eBMsbpEzCevrlYuyHFMsxqadd4C-FmldgoJ6J5kDG62poIWWguMQsabrtNllem6b4ib2wEqTJ58Q9YRAOCVET1JJp3I73aT_6-Y4PNig0aMdokbvphIKpSvuEUn7dQ--4gO-qtZMwL7iT7OHKicFZxGuI4uLA0s1V6aoonbAHWHRsdtvIfq69f_smq0f9VT9zFe9Z3_viXZPXUeg4EHbjHJyoML5h6sR083Qv-DAy92PN_lzodlsp5Q6Zv504BgwycrrlQ5jJzKdUqWJAH0kAo05aMy_bAHrXaGa6YV4h3sZiRxzDIEl_RmEgUCSPJBt3o-fAfJ2w40pKugDWpG1Wep-Sas4P-obd8cv00y8vUcdcNsCwwJw8jt2BC1bxCg-12OrZeGwLaCjUhUnQ-ra2SxH91v9BF67k_82gr83XqtVbbPeVyO4eFFaUbUXNgcyAfF2FiSf4x11P4q7ccWodoejnJaAZqKa1LXZ6_6J_EB3BQk1FSfWka56vmqDBW_cBOwBxjsVzRURDDSDDuko81OnBStolaZq51nwqFYBYB_1w3_nuNCQhGnKu3adrBHPrGPfpd1v9Sr2-9dXE3ZRSpkiydlj8SVzG-q9hJoS0mJjeDOpvhreZlJ1wLss8bAcU_hWXXBX_BvyNzcxdp7j4iUoMe7C1cxv44LhDVTxbxKeqE775KV8WTzPBM3HJlxEcKkVAIobXDJc2sxJRQc78_RtvtjsoWiZOBbf2OETqmAw1r1o2CecG0aLeNi-DwZOF2JJp_SmtMb6BuK_UQHFKH2ofeg-6f3YfY4Cl4mZPHNtHDkqehvCicqwQjoUlootrxDYw3Fik7mAe7rMI2k5Jd2WxsP-lNPOmQargJYmdHjakoxam1dc_XSH10y9z5HVO0h46h5vXY-TM_AKRRDqg5VWe-av9Qcp2QFWkApiKUTlPcdpJkfZc35fcH-LmjWQZ73bbrsiFMsoDcLEyzA3aIhvdjxUknzH3COfPXIkfONr74-eAu2-UM7sXaTDpUnK-7ugFS-UMBqNKiqFUzihtKKsml7ucCDs3ZQ4Y3I9s57qgcl4mOjw4YtqNRa-j-WzQZIFIsoxAEzE-A

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51C1 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC2oeX_SbYczlN8OF7gOrybGgCQAAAAA4AeAEAg&bg=!TU6lTgrNAAZQLpa_UC47ACkAdvg8WndrmZlntGDen6org3UyOjA72PGSH7PsSqpsC3uNCDB3ZKpKcQIAAAIgUgAAACRoAQeZAtSjMdlug3wbJo3LqGWyrZrki-aJ4xXfGzGR0nlOk6zyWD6CbWoeC6kZrF3EvcL9y6tmXWha1lvgmqQoiJKj5hkVVmnVCYuvYXPQbW_d-KVK_AeOtzipaKO0VEuZBo2Rd1MftOAKs6V1amBCHyRxw8-lK5q1eQHkNJTqjQybT9eAso5_wW3dwq1CY9sqqf92slmoryV4OyGN1z6lCmz0mlVBMAQBCWbEofYK-nZSIDHGfRdSsyx9vLs_VqQLch2Jx_26x5bAVKg5qbSQFE1Imf-wajhQ7xOJfGGmc0q19rye-ovQ-k3-xAVnFCzSOkRjvcsqGZK203J-Z90H6jWCwXFhsYRX7sALqNThInVIPgXk2fHflf_rStjn6lW38Rdgw5lrLBh9OQtIhOrFIPJdJ-OoWw1oi6fbTQmycJEJmVimNir57QebNdkA__Qmkh0q6UGuazD5uR2Sr1BHLPDxSc6nqGSfwoJbbGX5eyfkSfcOe3CmQlluYBizkQJxtpNPH4QHZiCMWy5oj9NxRML8HVwf7opqHk_gXcK-tI_YfRwvwKajF3A2n_GimAI9Yaepo-U8K6Infb8W56j3W42S9dA-vDw3pDnvcVU-cFFB60Bo9yr_-Q-Y7a3q_SNDw6q3U9xlJk32K3vJlpO9lEdodJiWAqUN7ZSRX1jLo34yT42GYwHlV2zENYIMQEiBhMVXWT3s3zQIUHHZiDHqiNpOA-CFp650Eo9_2l6vm1Mmwob6FMZk9YvNuOQOCvzlFZkLmx1GCgqx_Pq9dYXNB36Sx_N7iVF6l4mr4Su3a9H0sPpHQrKXNFXdLqGkgBFJbHmpSIWEc68u-88-kpuN76e2A1hlmUWGqupA0sY1FMMVssX9PQ_TZcQehRsVxZqAXZ1joyY0qyn9GEnYMFCIULaGCzTAqT25jEA9fmy6GNvyNVl1V-YzgDCSETiu-G0zYfgIVzCKo9-s

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77F8 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMp00YPSbYfDoLsSplQeX6qOIBQAAAAA4AeAEAg&bg=!OjmlOX3NAAZQLpa_UC47ACkAdvg8WgbfsWEEVMRS87Twa8gVXgJAJgp0dcoarLVEVZXqvBAhtUK7vgIAAAKHUgAAACFoAQeZAuIGy11uyk1H1_8wv0xwfqOihQXA1aaIvGyt_hFIBFVhKpgVlEfqaHoKHeC-Sq0Oi7V1et7nZhZwSElaHhbj5w7QTy24czeKLcMwFiT68aF_0T1e__HCmUgyL5i7JHUl3I_T5zguM09I4S7rZ3E2Zpa9ff4ZQYs51upTCaQv6WT-UE091f6fyzpjEgNAAACMcL4sKP_WDeqnZgysr9UmX1vZed2ArJ9462LjDhfh_BD8v4h-psYgJqMnQnCATkPTwPOH-R1gyGapvsNkMQZlkfP6nMRKLzqSOmx69CFcynPwAO6tTJU8qKy8G_AJbXamD4DtMtNTsshPalMhnkwaRTna-0EO1Id2w0FtFPWRf9tG-A_tZj46YbFJZGX1NhOyZw9Y4876BmIFwVOBqPn_PQAF1RKNSiSF1irqOVHQxafi5FIbqOPbxmBn1zA2uJLV5ViN5KTLa1lswBws5dhuk0x_LGwAFCd3BQQeTwWv1_-nTxIwUucTJ36gcsqEkZtykj4h0B2fABdqzcXYkHRH4H4ziprO5ex2ZJ5dIDW9E--4peVBCpQkWn3mD3GkclfcW_ADw3T4hYF0jRtDxp1lbGyiWAIh_cGs8rnvCLZLd6LftIPsEP67BXZ7Y4EP-1QprVKm6eZDyxIWxkjSPZq51mgE94YxKOy0kOab72aobQ97KpCUHSJ5CavOenrigSdf9pm-QF7oT4j_u-LkQcEuPkstqERP4haAldCFWAVc90s99TVEfB_S_oAGAskyRM-n_0BBuVDn1X2nb1INq2OKp6NPoVSRiLiioi4lDCjBEIY7geFoCcFfYmEuFKzuRL1QGjG_FAA4041FSARmrZdMmG5F5zOlEE-HX4AOFQ6cAYwq_zEbQeSx_iGw2tUjZoc6nOJgSe4D6nExhNMbQ67sCR-SqBKintncX-TaCamATKvzMcsfcqDTd602k4qFSFq4xn9Fb6JdVBfqb3fQoTkxLXchZGI

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AFE 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO2tsX_SbYdDlN8OF7gOrybGgCQAAAAA4AeAEAg&bg=!_f6l_rrNAAZQLpa_UC47ACkAdvg8WuPttAyfW8cWVmuDRB5YLr01YL54FDy07zZU18nDZ-nHqVSG2wIAAAH1UgAAACFoAQeZAtP7QbqD_6l8Vjn5p_kkj3k-arcSQw5PriauXlTJgBveNdxruTX5hLHMzx44a5Y4NDthXIOKUtEXexVVVNs9fT7Agfv7uB6UEwwPgHLxn_oFB1YjH-jLtudkSDL73aY7X6rQRKa-BReAh9ZiJNx-gMu1ehOyiko44INDHAncnJr_UPHCN8IwWwuZMT_4ts2DdrfWA8aX0K5KfuTA-1iEtJSVE8jaOnTTVxh-Wgyt7SfQyCBSxADQqcmtLYysdMcm_wH-81AJn3WxnC6vgVj2pqT30QD5dn2fIwo9AOB6birXjyLHO3EWBtILbZsb7RkQ771a40YNeYO71Q6GUFDfpmDl1gOb8xIh5QLvS35tuFsWJX0Pimk3zprByLskkN6FXh_HQ7fSTPTbxuj4E-DzecYrzpf5UBAvb2m4lhQqQcr_CEY7ZrdHqrXBXI6VeDGyC7QgNGu2yqXY6XqmIkfzT7YHFBsIXbWWE8ayRkQZrqOgbXasX1g2XiG28z7urN36ydhN90FaI78xFWza3LX1OX6kLbKeWjIK5WeoOhKn_b3dHldd3qzJSCxzV6xPEsXgVwnMHiAHxW2aGbjlb9deQkpy4FvGPsTUKtJ-FjtRU8mQ8gZ6Z9GWSAR-fvofOvxvQtaNiRQ_qcy9rSH5yye553mlsZAgcXxMN7DeFNlRmGqYaXM2qEZ3mIQ5fAHPsrHVtEj53hKjwaR8OmSwdxSrznRNvaRsMMYbKm2DOydjA_Chq1yttozozs5IUKEjfLHxrhEtoKsPsbPeB7Efziou453haav-Ltr9Hd3Is9HKgBQj8tuKlZGG_WJdpPSNANeVe47xOPDjO_MnGRNMaPK2VEEFxyaQpimrHzw2UV0w7YNMz8HQsnTeWIsNnvtoiZbqKismhQeBYn6Y3Ss_NznE_86RUGvXxecIJ1swJmagjjS4PgtRgPZBmUOakf1ebKX_ggSMum0

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB51 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bfs57YfSbYai0DNKJx_AP37OCiAUAAAAAOAHgBAI&bg=!kZKlktbNAAZQLpa_UC47ACkAdvg8WolhM9gAFIWJ460ZZR6FxDUXL7WEqRe5YS2b9H7B5DCx1-OlJwIAAADeUgAAAAxoAQeZAuRBQetd6liG6mkxTV9-e8k08D4BB8HstEJr5sC99URz4RRnLz93Cg_X2j2VjMQVkJ8QjYjF2rjMR42G9fEInVClm-goSBUzVpUvN6rFtRpqGs4U-dDy9pIYgwdxR6LDa7ynWuABdGKX5VD610ubxlkHuWzgsnM6g8muSFcRrCtJB7OSDRCFol40WDyi7BPRFL87go-LZTw8H3AckK8MWgfIp5gJrSrLOskJX7nZtOjT1A-qYu8aV9Uqd5zL5h6Rgb8D9mGOorBqk2P1vDmCRXvWxJmiEpmPl117VjoV1R0CkoOekvzoyaxNPQLA92psSGLx4p4uLmGEt5H0pyPcjfQgo6Zt-7KK2J4QfSX2W4TGAOADNnhE7hwbt24bkkzfviHAzeDEUUtkTe1cYh1arA4OwEAs8mD6iRYxEkKiTFQwPjnpP39kJLzeco4koatCoJLCb4UPGFAIfmxMPlulDZdjodxKaTB30WrYLsSLny0QfTPhbUwWnQXETBnY1T1EzBegyVsYSUd1DIj6MgYq9VDPibk64ctrS5Js6sKOpdQieGc608WAFtcJ8VHfIx1lbb5KpNHXqiVyDiyfXGyORxSWlY8dj0sIustHRR3wyTMoDoH4eFhNiDvGWOa4vYWuSDzi4UEOB6DJtlnpQfXCfYGGMKbvnJdiLTX1mRpqsB8amIUk4vt1bt5Ljb94AxWYVfyJ2TSWx6il8VAcNogNiTh-2SKxlUw7oH6EnOUNShm1e5cYNiBxMpQWwIyzWeI8FmvuTPGpFZ1reF09Tk6I4Ep7qrPuDFnN5lgEzHJOjAvAPOy7bXYMxkb9TDG9d8AX6q7iz4F568orsAbkCQDDmJV3dUg2B9mQbQD2smwMmFZayEd4SIqaNZieKMpG6qccCu_0ibwJzPi74rnpfKh8oK5Clw4EVW3eU6-qylnBwKsQ7ztN38x7TMKNaOER3LMeMRfm5k3ef-bUwSqvT5jAuAX0gHon8g

Requested by

Host: 011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
URL: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9170 33 KB
16 KB 129ms
39ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad3.ad-srv.net%2Fc%2Fcmvj7c148qmq1w5%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 23 Nov 2021 23:26:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2483 42 B
64 B 60ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0aWcT1ISB_SgHtEz_fPw7VEHmDcg6H-84740iE5uaQcyJDTNW6_yVI2i10ovY9Y72yu-1XEz4tTEM8TpSh_W55S_1V9L-4Pq1mMB_&sai=AMfl-YR31aastf2B-PSuMm047nwOmhKIdDfje2Mh-wldQR3425bcS5RizqtagpZ_YxbRmuVRW_2-mDS6xv4GEcv2lPxGUV4htYNlx0__kyTMHN-wdynjSWbgkV6VVW_5&sig=Cg0ArKJSzAxppt6Xv8d4EAE&cid=CAASEuRokSSWr3rd-bAu3aYJpdqRjQ&id=lidar2&mcvt=1000&p=909,1065,1159,1365&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=907034928&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637610592670&rpt=719&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E79 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss__j2PXzez-W1VSPeKKmdjml21CRjxr1DYyCoEjLN5XHZgFFtzKmTSuvQJAxqeITb5NrhmruQycuaFC_sXCxmYrm6CWYzYYDLqT6rI&sai=AMfl-YRn2xwWmpTA1hHZr6KBFjk-UQu-MAOZzKZK_4oRhn_YcHVTZ_vFLNMZEbemawfn7RHuqboXaDW5GPf3oZ_odzBClbtj1jRAfpvCIYJLb3JZ3d-M0KXCGZedSIn3&sig=Cg0ArKJSzDkKFg5shfdkEAE&cid=CAASEuRoqXuXqHsAYEXQgmrNzA2jSA&id=lidar2&mcvt=1001&p=238,436,328,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3490985129&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637610592633&rpt=802&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9170 7 KB
3 KB 22ms
21ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad3.ad-srv.net%2Fc%2Fcmvj7c148qmq1w5%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;4166;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.controle.50emais.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

49bf22db55c90506e75de96f1c91c446f0a7eacedff5e16dd5cd550c576f1d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2573
expires: -1

GET
H/1.1 200
OK 908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame 9170 43 B
1 KB 133ms
69ms Image
image/gif 51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=49420791&tg=mfmmpoek&ckurl=1
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.26
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:54 GMT
Server: nginx
X-IPLB-Request-ID: C11B0E0A:ECAC_334475B6:01BB_619BF462_189BC61:2EE01
X-Powered-By: PHP/7.2.26
X-IPLB-Instance: 36560
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 9170 90 KB
39 KB 31ms
31ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 23 Nov 2021 23:26:37 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9170 35 B
468 B 20ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=49556873&csi=TI35gV-mBwTgQpoh3J9sGId8lShyWDBF62g3iU8_dpEJDwKV3Zer3EqDuQEZRgBCevoqs1uAm8guvwI9wX5WS96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad3.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:54 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad3.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 10483341.js Show response
s1.adform.net/Banners/Elements/Files/2068258/10483341/ Frame F3FE 28 KB
11 KB 24ms
24ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483341/10483341.js?ADFassetID=10483341&bv=514

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

da748495448dc315ac368345fe0fcbe586c48d4f678c627c321d9eac2e50e290

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 08:34:25 GMT
server: nginx
etag: W/"61839b11-7005"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame F3FE 30 KB
13 KB 22ms
22ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 200
OK 728x90_TVLINES.gif
rechtstexte.s3.amazonaws.com/files/ Frame F3FE 32 KB
32 KB 132ms
38ms Image
image/gif 52.218.37.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rechtstexte.s3.amazonaws.com/files/728x90_TVLINES.gif
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.37.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b9aa88dea691dc26632897620a0320448c59cf5fc559dabe3ee43969e3e6cb29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:55 GMT
Last-Modified: Fri, 20 Nov 2020 11:22:46 GMT
Server: AmazonS3
x-amz-request-id: Z7V9T8ZJQ9F7DVWG
ETag: "50f40ec40e1b8b4b954961c87ae93e7d"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 32880
x-amz-id-2: W2emvi8DfdtdzxwhC6vN61bTEsVNHppwKZn8V0nUjpnltYuhpRBCkiwC0SlrIpR4h+WMwjFlyU4=

GET
H2 200 MM.png
s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/ Frame F3FE 4 KB
5 KB 25ms
24ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/MM.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bfbf07509bb60b56671f2785777ed050bfbc6232633c83205f2723d36b51c045

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
last-modified: Thu, 04 Nov 2021 08:34:25 GMT
server: nginx
etag: "61839b11-11c6"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4550

GET
H2 200 MTV.png
s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/ Frame F3FE 7 KB
7 KB 26ms
25ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/MTV.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1216bd7aa5997119027398f705ab0f681131c27fd822d5131a150d3151823d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
last-modified: Thu, 04 Nov 2021 08:34:28 GMT
server: nginx
etag: "61839b14-1b93"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7059

GET
H/1.1 200
OK receiver_300x250_ani.gif
rechtstexte.s3.amazonaws.com/files/ Frame F3FE 53 KB
53 KB 148ms
46ms Image
image/gif 52.218.37.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rechtstexte.s3.amazonaws.com/files/receiver_300x250_ani.gif
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.37.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 69078f0806addf55656e35a8c891b069046ab12c35259dc2cbc5211292b0216c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:55 GMT
Last-Modified: Fri, 20 Nov 2020 11:23:42 GMT
Server: AmazonS3
x-amz-request-id: Z7VDE3N8WDBQZ033
ETag: "38153b84393656603b92d67bde128dfc"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 53997
x-amz-id-2: Su1HBsgLfm+x0v3jSiABRF0WjJ6G6fmbtGD7GDAoxr6+gisHT7Me1gNl6BNkm5K6hRX7lS537lg=

GET
H2 200 TV.png
s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/ Frame F3FE 45 KB
46 KB 29ms
28ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/TV.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f2bc91a6f8715bd9d31fa1661959c6bd9896256680dfbf296b7763251d88b961

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
last-modified: Thu, 04 Nov 2021 08:34:25 GMT
server: nginx
etag: "61839b11-b517"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 46359

GET
H2 200 RTLplus.png
s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/ Frame F3FE 2 KB
3 KB 35ms
34ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/RTLplus.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f330e0fb417aca7754f72a3978b8c45447cee678c2890d0e545f4250b835126d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
last-modified: Thu, 04 Nov 2021 08:34:27 GMT
server: nginx
etag: "61839b13-96f"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2415

GET
H2 200 Netflix.png
s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/ Frame F3FE 2 KB
2 KB 35ms
34ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/Netflix.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d37a2405c0b93ee3185da472d38a94829d0ba86e3b0e5dd0496747434abecf68

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
last-modified: Thu, 04 Nov 2021 08:34:27 GMT
server: nginx
etag: "61839b13-7d3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2003

GET
H2 200 bg_728x90.jpg
s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/ Frame F3FE 4 KB
4 KB 39ms
38ms Image
image/jpeg 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/10483341/bvpath_514/bg_728x90.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f24c855a896952f27988b675b85ccfcdce4e656683fa3b9e8c365434697cd057

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad3.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:54 GMT
last-modified: Thu, 04 Nov 2021 08:34:28 GMT
server: nginx
etag: "61839b14-106e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 4206

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame E105 0
150 B 35ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=17138600208629500710616011786001&a=3e6eb198&vb=v
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=17138600208629500710616011786001&a=4171ec3d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=17138600208629500710616011786001&a=4171ec3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:54 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame F3FE 43 KB
43 KB 133ms
42ms Font
application/font-woff 52.218.37.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.37.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Referer: https://ad3.ad-srv.net/
Origin: https://ad3.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:55 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:49 GMT
Server: AmazonS3
x-amz-request-id: Z7V67SFA31G6A9G5
ETag: "d7f0b1ef39025154e8517b4aa705d0bc"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43544
x-amz-id-2: q+Q6B48YEMiB5crOSY9E8NcVRgccYrcnv2sLZCyIXbBp784AD0MVYNqWZFZ1Ms64QZDb9OfGbmU=

GET
H/1.1 200
OK TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame F3FE 42 KB
43 KB 136ms
44ms Font
application/font-woff 52.218.37.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by: Host: ad3.ad-srv.net
URL: https://ad3.ad-srv.net/request_content.php?s=24479700155119200383828011786003&a=beecaf54
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.37.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Referer: https://ad3.ad-srv.net/
Origin: https://ad3.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:55 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:53 GMT
Server: AmazonS3
x-amz-request-id: Z7V0085W2KJCX5Q8
ETag: "41b43bece8523c4d26acc3b30d11019f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43468
x-amz-id-2: JvDbDcVpEiAX4Kmp0jlqHLAfq+SdZbnZm3mmE2me8TdduQoW/jNu4bGJXQaqrsO6ffT7LuE5RU0=

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 2511 0
150 B 38ms
16ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=14541200197103000710612011786008&a=a4cedcfc&vb=v
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=14541200197103000710612011786008&a=37e5b2c4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 19:49:54 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&domain=www.controle.50emais.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=abEKK3xCbmtXU0l5aU1OK2M2eE5zRVplSWozWkYydFdzWTRSNld5NXNxQTZTS1djTlE4UnlraURZWHczQ3lOSUdlRTcyRVBuTDhFQjFaUjN3dk51Z1JicTQxNlNodFZ1MkQ4SXIyQk4zeXgzU2NpM0Zpc3dFQk4wK3NrTT...

345 B
604 B

56ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=abEKK3xCbmtXU0l5aU1OK2M2eE5zRVplSWozWkYydFdzWTRSNld5NXNxQTZTS1djTlE4UnlraURZWHczQ3lOSUdlRTcyRVBuTDhFQjFaUjN3dk51Z1JicTQxNlNodFZ1MkQ4SXIyQk4zeXgzU2NpM0Zpc3dFQk4wK3NrTThaa0ZzeWtWcWplZzhyRitxVzdqNFdITWltdTlObjBza1MwQWZaS0cxUktSNlV3ZGF6OEpSeG0yWDd2a3pNeFVaUHI5cmIzMUZIcldlQmhPbTVIcU5zMDB6enJPUktQUjZvWU9XZFQ2aU9PQUhhbVRrVGJkenZRNGk5NkVkSlg3MWc0UDRhajJrfA&cppv=2

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1d315d379787cd4ff09b068d3d1eb4ae967b97970879ba6ab85641e9d68ae16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 22 Nov 2021 19:49:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2492
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 22 Nov 2021 19:49:54 GMT
location: https://mug.criteo.com/sid?cpp=abEKK3xCbmtXU0l5aU1OK2M2eE5zRVplSWozWkYydFdzWTRSNld5NXNxQTZTS1djTlE4UnlraURZWHczQ3lOSUdlRTcyRVBuTDhFQjFaUjN3dk51Z1JicTQxNlNodFZ1MkQ4SXIyQk4zeXgzU2NpM0Zpc3dFQk4wK3NrTThaa0ZzeWtWcWplZzhyRitxVzdqNFdITWltdTlObjBza1MwQWZaS0cxUktSNlV3ZGF6OEpSeG0yWDd2a3pNeFVaUHI5cmIzMUZIcldlQmhPbTVIcU5zMDB6enJPUktQUjZvWU9XZFQ2aU9PQUhhbVRrVGJkenZRNGk5NkVkSlg3MWc0UDRhajJrfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1509
content-length: 509
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 67ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&domain=www.controle.50emais.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.controle.50emais.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.controle.50emais.com.br
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1624
date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3476 52 KB
17 KB 35ms
10ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 22 Nov 2021 19:49:55 GMT
Age: 55479
X-Served-By: cache-lga13621-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1098185
X-Timer: S1637610595.160087,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D683 2 KB
823 B 9ms
9ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1637610592040

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20211112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3476 0
729 B 37ms
36ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:55 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 05d9741b-4b48-46fe-b5f9-63117c338bc5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 469ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1301
date: Mon, 22 Nov 2021 19:49:54 GMT
content-encoding: gzip
vary: Accept-Encoding

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=243192760&t=pageview&_s=1&dl=https%3A%2F%2Fwww.controle.50emais.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20-%2050emais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=1570486543&gjid=1051443533&cid=1954475619.1637610591&tid=UA-98623244-1&sf=10&_gid=1834327091.1637610591&_r=1&_slc=1&z=807358775

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 12 KB
5 KB 101ms
43ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/bb4ee533-4177-468d-d929-08d96bc49622
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 19:20:03 GMT
server: cloudflare
age: 500
etag: W/"618c1b63-31f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6b24af1188e50e16-MXP
content-type: application/javascript
expires: Mon, 22 Nov 2021 20:41:36 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98623244-1&cid=1954475619.1637610591&jid=1570486543&gjid=1051443533&_gid=1834327091.1637610591&_u=aADAAUABAAAAAC~&z=1770324501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.controle.50emais.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 19:49:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.controle.50emais.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 537 B
488 B 352ms
352ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6774b544506a73b8156b33e49761e33c3b1ac4ba8320efa6b7dafa143a93c3b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:44:58 GMT
server: cloudflare
etag: W/"6137b32a-219"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6b24af11c9850e16-MXP
content-type: application/javascript
expires: Mon, 22 Nov 2021 20:49:56 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3476 0
729 B 8ms
7ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 19:49:56 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bda95dec-82de-480b-8e8a-ada07a2ca175
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 358 B
431 B 359ms
348ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c9da84fc8a3c440af55286ca96a28c0009a3f95cc4c72f03d77b3f78f2cbf8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Nov 2021 19:49:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b24af141f150e16-MXP
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Mon, 22 Nov 2021 20:49:56 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
101 B 345ms
336ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=fbe633f7cddfb2c723dd66c8509%7C0&acc=46575&tit=Home%2520-%252050emais&url=https%253A%2F%2Fwww.controle.50emais.com.br%2F&upd=1&new=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b24af165c090e16-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67618684796
https://sync2.navdmp.com/sync?prtid=2&id=67618684796&google_gid=CAESEKCWsXaLPtgKTlLXgz5AxR4&google_cver=1

6 B
58 B

349ms
339ms

Script
application/javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=67618684796&google_gid=CAESEKCWsXaLPtgKTlLXgz5AxR4&google_cver=1
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b24af169c800e16-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=67618684796&google_gid=CAESEKCWsXaLPtgKTlLXgz5AxR4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=6652619b-f461-4800-ba27-53f5a8dd372f

43 B
130 B

353ms
343ms

Image
image/gif

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=6652619b-f461-4800-ba27-53f5a8dd372f
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:57 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6b24af170d700e16-MXP
content-length: 43

Redirect headers

Date: Mon, 22 Nov 2021 19:49:56 GMT
Server: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=6652619b-f461-4800-ba27-53f5a8dd372f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 22 Nov 2021 19:49:55 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 107ms
34ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by: Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 2709ffc24586f09520807af65b6aa12f.svg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 3 KB
963 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/2709ffc24586f09520807af65b6aa12f.svg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a46978057caecf7869ff05b174b9499144990c93aba89dea5c5e38b3fe0b2c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 23:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 23:30:13 GMT

GET
H3 200 c9410573296197343526d286f178fcbc.jpg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 3 KB
3 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/c9410573296197343526d286f178fcbc.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97fa6802645b7673240fd33eab61c7e655fdb3e4550d61a39771c6375ac2b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:16:13 GMT
x-content-type-options: nosniff
age: 549225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3007
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 11:16:13 GMT

GET
H3 200 28af368d3d47fc5c3ccc87378a16993f.jpg
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 12 KB
12 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/28af368d3d47fc5c3ccc87378a16993f.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fecd11084ef963f52a2a6a0fc126fe4124b732a846e0bf2c239363f92a98538d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:22:41 GMT
x-content-type-options: nosniff
age: 462437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12017
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:22:41 GMT

GET
H3 200 2216360da012d4ab1cf2525d698fa9ae.png
s0.2mdn.net/sadbundle/1538801963696034685/media/ Frame C35F 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1538801963696034685/media/2216360da012d4ab1cf2525d698fa9ae.png

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

890cbff0e67e79106d6c4280209fe4e796fd83dbd239a01c95bd199777f7e98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1538801963696034685/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:36:36 GMT
x-content-type-options: nosniff
age: 483202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7896
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:11:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:36:36 GMT

GET
H3 200 24a25f4cdd6c1001cf856754fae49d3a.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 3 KB
3 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/24a25f4cdd6c1001cf856754fae49d3a.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0460ae3132ef7c64b455a236c91750039f638117a23e1fd37160013a665548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:07:29 GMT
x-content-type-options: nosniff
age: 463349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:07:29 GMT

GET
H3 200 92c7870423fba294c754addb30bf6331.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 3AA6 17 KB
17 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/92c7870423fba294c754addb30bf6331.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d6ff6f25c5e9eaa7b26b4582c63267059c3120057c4223152789e4560337f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
x-content-type-options: nosniff
age: 306209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17224
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 24a25f4cdd6c1001cf856754fae49d3a.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 3 KB
3 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/24a25f4cdd6c1001cf856754fae49d3a.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0460ae3132ef7c64b455a236c91750039f638117a23e1fd37160013a665548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:07:29 GMT
x-content-type-options: nosniff
age: 463349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:07:29 GMT

GET
H3 200 92c7870423fba294c754addb30bf6331.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame F2EF 17 KB
17 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/92c7870423fba294c754addb30bf6331.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d6ff6f25c5e9eaa7b26b4582c63267059c3120057c4223152789e4560337f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
x-content-type-options: nosniff
age: 306209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17224
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 200 24a25f4cdd6c1001cf856754fae49d3a.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 3 KB
3 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/24a25f4cdd6c1001cf856754fae49d3a.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0460ae3132ef7c64b455a236c91750039f638117a23e1fd37160013a665548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:07:29 GMT
x-content-type-options: nosniff
age: 463349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:07:29 GMT

GET
H3 200 92c7870423fba294c754addb30bf6331.jpg
s0.2mdn.net/sadbundle/8992165578446582788/media/ Frame 5BD3 17 KB
17 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8992165578446582788/media/92c7870423fba294c754addb30bf6331.jpg

Requested by

Host: www.controle.50emais.com.br
URL: https://www.controle.50emais.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24d6ff6f25c5e9eaa7b26b4582c63267059c3120057c4223152789e4560337f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8992165578446582788/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:46:29 GMT
x-content-type-options: nosniff
age: 306209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17224
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:12:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 06:46:29 GMT

GET
H3 404 logo.png
50emais.com.br/novo/wp-content/uploads/2020/12/ 0
0 1313ms
1313ms Image
text/html 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://50emais.com.br/novo/wp-content/uploads/2020/12/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 Cristiana-585x390.jpg
50emais.com.br/wp-content/uploads/2021/11/ 31 KB
32 KB 209ms
209ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Cristiana-585x390.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aafb761956e53d6ec88ccf71814f893cb04f18fb7cb55faac61c44f200939b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32084
last-modified: Thu, 18 Nov 2021 20:00:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB%2FrVQBA%2FKKMa7e6R0IWXW4PS69NjIRmc%2FPjcpGU%2FTMZwY%2BjARZyqrZSNoMumL%2FAVhA3ucMqo9lY1yeuSwSuKul23dRgBor%2FM%2BFywb%2BHTkT6gcIB7Yo29TwYXKV0a8T7wlQMcBIl7T8d2gfkIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af21c98fd618-MXP
expires: max-age=A10368000, public

GET
H3 200 Ana-Claudia-585x390.jpg
50emais.com.br/wp-content/uploads/2021/11/ 31 KB
31 KB 220ms
219ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Ana-Claudia-585x390.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d74d9fbc58d0b9dc7e8709ea65d8b73d0973528c61aa1a25211ba1ca7c42af82

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31542
last-modified: Thu, 18 Nov 2021 19:56:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN1D6q4dicAVDSq%2BuCl15Ad3oq2dcOjKStAmlBFukqejaXWBcRZlBhkmQ2%2FqZk2zencBE7VGGIIpTYFzDaHyCjZPB4vBnjOSRpYoaZsKzKzOChM3viRtOxeNAmIq03bt1SwXz%2BFgQlhNS4bzNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af21c992d618-MXP
expires: max-age=A10368000, public

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 23ms
23ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99434c2a6b394f22e1f08940863cae42e7115896e5c36c2c8ea6580457fd3d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 19:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9155
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 22 Nov 2021 19:49:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5776 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 18:44:18 GMT
expires: Tue, 22 Nov 2022 18:44:18 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 621B 783 B
536 B 18ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a502e058272a3f84ce59a0764d9942c557d9d3d58f006d516b895dcf7e57176

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2xTBLsSujGX/XBqQlAv7eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 22 Nov 2021 19:49:58 GMT
date: Mon, 22 Nov 2021 19:49:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2xTBLsSujGX/XBqQlAv7eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5776 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 08:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 08:29:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 621B 0
0 58ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=216886627718645&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 Cristiana-585x390.jpg
50emais.com.br/wp-content/uploads/2021/11/ 31 KB
32 KB 32ms
31ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Cristiana-585x390.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aafb761956e53d6ec88ccf71814f893cb04f18fb7cb55faac61c44f200939b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32084
last-modified: Thu, 18 Nov 2021 20:00:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ0KL41tC2VKxK4X6avOJwm6ljGfNWDklJEpoM3K3wh6%2ByIDtyobBx67HYAozCxmdJ%2B3CIo0CbcuktvfJ%2BQsdVFW9nwv003wChxNYjRH4EI%2BgVpbAjXBTKL5pu1DhomHmg0OetgeCofhjwc14g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af231c30d618-MXP
expires: max-age=A10368000, public

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=216886627718645&bg=!jY6ljsrNAAZQLpa_UC47ACkAdvg8WjjYzjZYcpgV1dZKLaYsv8nAjv3YxGQjw2seJDuAqfQj2pd91wIAAABYUgAAAA1oAQcKACb7TNVYv1vUNW9qZilA1uBJrZ1_lqmRQWJ6pmqZDCkChkovyl1NUZkCkJpIl-LPRY3KJcAsaeNxeKV-xsWZgaywqMTNK4BoaAgcAzp9Q6djs8tHo6xDJQOv27UKd7HtAT20IjxcGhJA_vkOkyHcPeuQ4e-8jaoCaIPIuE1KUB9rJYsQxEydJun2V-qWSk5rwRreog6FmjXxJwZEkWmtT7EKx8VqArnJMA-76_stdjHvsqS8gSGIrxQsRncx3fedFYjnHQoHhakeia11fPyvDTV3j6dbPazeDENHDao04yXe3fd8nFWta_pxiqgUnCecEEEp-ni2VVnfXJUD7OYCIvL636n1gx8P9xM1o6RJ3s30U4_LifXH3ff9RItuHprHupak3yQAifOiAz9XFdc1eUO1arCLiZECA2S4RyJr37ZkDQYEk2hAFcoiNX4Nb9wOuJiWcKHwXY-db-Z9PiRhcNyK6vp27NsUCSWecioQbR4pgg8Ij43kPHeV9FFXpesyhAym8HKHPaNRKKm74k74UDv6dx6bvNvVwxjTAQABlt52aCfDwkhds-x_CSEbNlLQGXYRkkBt1fPjTkaeSYWRL5b8OPSSDaCM-Dbfb5UplxTKjn6aB7oZSh1fPQwlGEZBz2-Nao-nRohvsWuiyMVxS3XgdOFsSxNoPWvGq0IGsHkeg0yB-nT5D400gMj7jNeZK5rmoN_BcX4mW6GsZOstuFaEens-RacjOLlp-l6zUBTvdjPdbHl28zEToeB7kXJYvltb43s27ufvQdR6cTM22D8KJqWfVKaIIUoOdvAB9WWXk0U-zKKHB5R6LSfBqBXiT4LjwSXwi-0iOw0sdKDsEOKkY7Rw8aaLdplkZPUg-ei7bFOuEB8XSNKpvpSX1H2XcuheHvUt7xnDNNzEwYSe0OZ4hyvYNreHqmFT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ana-Claudia-585x390.jpg
50emais.com.br/wp-content/uploads/2021/11/ 31 KB
31 KB 26ms
26ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/11/Ana-Claudia-585x390.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d74d9fbc58d0b9dc7e8709ea65d8b73d0973528c61aa1a25211ba1ca7c42af82

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31542
last-modified: Thu, 18 Nov 2021 19:56:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SKTfF1efXuzkux%2FsE1dl7v%2F8VSK1DJ9fKQ8eujbLkYldOCRRFQq1UcM%2Biru0SH59wsBUiZYzjntkXN1u2zNMZJtwv1vLXdnwQoR4mX%2BBlKRdPCz9QVDLHK8ntaN1qvK2w1VjfU5mwgr8zqmjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af232c42d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Rita-3-480x528.jpg
50emais.com.br/wp-content/uploads/2021/10/ 49 KB
49 KB 187ms
187ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/10/Rita-3-480x528.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e610bd57207edc9b6f8addfc5d5be910aa1564c5c7d80b57495e4f99c71e2111

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50032
last-modified: Thu, 18 Nov 2021 19:50:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VEMI16CMVdlGF4%2BMGQoJ%2Fzh%2BamI%2BAulnYFiIr6vxBRnK4TTWAQJTIC7WCdQznUoqPPbHjNp%2FuN0ojcPWw%2Bn4G8YJlgbwqnwijLBXBJxOlT0gKlLAzByn2qDQOTUjbP51xUZS7EZkE%2BtZBHnPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af265a15d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Leilane-480x505.jpg
50emais.com.br/wp-content/uploads/2021/10/ 38 KB
38 KB 194ms
193ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/10/Leilane-480x505.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6721e131fa80308740e1d077be6ce01f674cf7b1f9db636437b971f0400863c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38763
last-modified: Thu, 18 Nov 2021 19:44:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz77LwlY%2B%2Fe2Dc13REfUW67POJSc%2BEJgYd1%2Bd2ABoKlAdVfWZB2r1ultcXsYrPdR8SrVOh0TaJ5scpvzDQ6ja4h5x7wf2GZQa%2BihGRW3sQoxTTattYxTlKRe1BRW6C8b4SPq1Hhn2Hvf%2B6sw%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af265a18d618-MXP
expires: max-age=A10368000, public

GET
H3 200 Rainha-1-480x525.png
50emais.com.br/wp-content/uploads/2021/10/ 316 KB
316 KB 278ms
277ms Image
image/png 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/10/Rainha-1-480x525.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1535280eddf01aa0ad786b1f2259864e870b071f4c576ec7a3cf768b6d60a36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 323261
last-modified: Wed, 20 Oct 2021 01:09:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SuyIsCS8CTe3Paf%2BvL7r1tU5yUj532UIMbmXK9dxn0gaANhYGpjRDUZ6%2BjyWx3iJri7y9yy1aKYL4o%2FtIlt2SlcQ%2BSq3SRzefW1qcQYkBAjLXyvfkC2rEa2J5XYRQFJm5GnsOMJuszAfYR%2FiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af265a1ad618-MXP
expires: max-age=A10368000, public

GET
H3 200 Rita-3-480x528.jpg
50emais.com.br/wp-content/uploads/2021/10/ 49 KB
49 KB 37ms
36ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/10/Rita-3-480x528.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e610bd57207edc9b6f8addfc5d5be910aa1564c5c7d80b57495e4f99c71e2111

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50032
last-modified: Thu, 18 Nov 2021 19:50:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtIj2j0W3XWl36xX7gzgmXesl%2BR4W0%2BdlrKnIo7dzkSYN2jrSSM94gOeMnC6TkasTBp7DqtGMwXnwvbNbcc%2BtEB1VNRdSp0rQgge%2FhUKSqb7Waf02jhfJIawNUoR0zf3nPjEoU8drHtxwWA6eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af279c3ed618-MXP
expires: max-age=A10368000, public

GET
H3 200 Leilane-480x505.jpg
50emais.com.br/wp-content/uploads/2021/10/ 38 KB
38 KB 31ms
30ms Image
image/jpeg 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/10/Leilane-480x505.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6721e131fa80308740e1d077be6ce01f674cf7b1f9db636437b971f0400863c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38763
last-modified: Thu, 18 Nov 2021 19:44:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNXzP2oUoSC24t8UOBlama0OgKfyrxClmmp9tKv3LpW8wLYRktFXVjs8Cyc6b3gRVVqXC9ozcdPBxu%2F5ZplAqiZ6v%2BehKOyHEdtV3JyMbXy%2F7o2%2FXMdkYgVjQkmzN%2FXH5LY%2BkNtCt1uHU9LXdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af27ac5cd618-MXP
expires: max-age=A10368000, public

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9170 35 B
468 B 21ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=3056486475530267447@@49556873,1839882682780260163,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Z8-jqbOXeiHxBx_RTJEBJ53siZXp32h0-Ef6yFGByeS3-GKshrck7om3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad3.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 19:49:59 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad3.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 Rainha-1-480x525.png
50emais.com.br/wp-content/uploads/2021/10/ 316 KB
316 KB 30ms
29ms Image
image/png 2606:4700:3033::ac43:a59d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://50emais.com.br/wp-content/uploads/2021/10/Rainha-1-480x525.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a59d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1535280eddf01aa0ad786b1f2259864e870b071f4c576ec7a3cf768b6d60a36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.controle.50emais.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 19:49:59 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 323261
last-modified: Wed, 20 Oct 2021 01:09:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jLMEBpz%2BgINczeEEqwDC5UDLEZ%2Bpl6Q5sLzpAuhGYBedzQttnpA1xAaogZZ2eNhlJvgBka6hKTwI3ejQyZzSWQod5jxprZz%2FEMQWefQlWqFhYTn3BIbOP7ogWLnpulQUjgiYpdXbNAG20R23w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6b24af28ee98d618-MXP
expires: max-age=A10368000, public

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 50emais.com.br
URL: https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: 50emais.com.br
URL: https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: 50emais.com.br
URL: https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.ttf?v=4.7.0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 01:03:06	Name: sync Value: CgoIgQIQzbjKydQvCgoI4gEQzbjKydQvCgoI5gEQzbjKydQvCgoIhwIQzbjKydQvCgkICRDNuMrJ1C8KCQg6EM24ysnULwoJCAsQzbjKydQvCgoIjAIQzbjKydQvCgoIzgEQzbjKydQvCgkIXxDNuMrJ1C8=
.www.controle.50emais.com.br/	1969-12-31 23:59:59	Name: serverdoID Value: ul6a3v39hanbd21q2g5bmu3s35
www.controle.50emais.com.br/	1970-01-19 22:53:32	Name: ppwp_wp_session Value: d278fd06e9ef84e360c57a9d639b98d9%7C%7C1637612386%7C%7C1637612026
.50emais.com.br/	1970-01-20 16:24:42	Name: _ga_P0BMD5VBL0 Value: GS1.1.1637610590.1.0.1637610590.60
.50emais.com.br/	1970-01-20 16:24:42	Name: _ga_0MKF9LMFXX Value: GS1.1.1637610590.1.0.1637610590.0
.50emais.com.br/	1970-01-19 22:54:56	Name: _gid Value: GA1.3.1834327091.1637610591
.50emais.com.br/	1970-01-19 22:53:30	Name: _gat_gtag_UA_35328918_1 Value: 1
.50emais.com.br/	1970-01-20 16:24:42	Name: _ga_FWQ0QJKGL4 Value: GS1.1.1637610590.1.0.1637610590.0
.50emais.com.br/	1970-01-20 16:24:42	Name: _ga_4XLYWH46W4 Value: GS1.1.1637610590.1.0.1637610590.0
.50emais.com.br/	1970-01-20 16:24:42	Name: _ga Value: GA1.3.1954475619.1637610591
.50emais.com.br/	1970-01-19 22:53:30	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 16:10:18	Name: UID Value: 1INR2LYHTLAFKGEUOQJJZ0g1637610592
www.controle.50emais.com.br/	1970-01-19 23:36:42	Name: _pbjs_userid_consent_data Value: 3524755945110770
.360yield.com/	1970-01-20 01:03:06	Name: tuuid Value: 0e98a8a5-2b96-45be-9582-8495d6fe9d95
.360yield.com/	1970-01-20 01:03:06	Name: tuuid_lu Value: 1637610592
.50emais.com.br/	1970-01-20 08:15:06	Name: __gads Value: ID=9874676139bf68f1:T=1637610591:S=ALNI_MYSeIbUQ8lN6eF7XPb2pzHTCBMQ9A
.adtriba.com/	1970-01-20 16:24:42	Name: atbgdid Value: 8f0979d4-dbfd-48b7-b852-d3e9a25b859c
.doubleclick.net/	1970-01-20 08:15:06	Name: IDE Value: AHWqTUlAkNSdAGk1hxq1vhLhpukmOsmuVkk0Nbx25V0wfRsH0JX7cpACMD5ul4BldXY
.adnxs.com/	1970-01-20 01:03:06	Name: uuid2 Value: 3543708976642828025
.casalemedia.com/	1970-01-20 01:03:06	Name: CMPS Value: 3219
.casalemedia.com/	1970-01-19 22:54:56	Name: CMST Value: YZv0YWGb9GEA
.redintelligence.net/	1970-01-20 01:03:06	Name: 8lcfmzhxc8d6_uid Value: 37dcf35436bd3ee3
.casalemedia.com/	1970-01-20 07:39:06	Name: CMID Value: YZv0YcrO2EkNM3gfnnqPiQAA
.casalemedia.com/	1970-01-20 01:03:06	Name: CMPRO Value: 1177
.adfarm1.adition.com/	1970-01-20 01:03:06	Name: UserID1 Value: 7033483940528915685
.advertising.com/	1970-01-20 07:40:32	Name: APID Value: UP5c6c681a-4bcd-11ec-9a64-06ff4103d6f8
.blismedia.com/	1970-01-20 07:39:10	Name: b Value: 619BF461A5F4805909863B5CBLIS
.lijit.com/	1970-01-20 07:39:06	Name: ljt_reader Value: 7d3532ad3922978cb6f34df3
.casalemedia.com/	1970-01-20 07:39:06	Name: CMRUM3 Value: 2d619bf4612760CAESEIGa3doVYOwn3Ty8kk_QCME
.adform.net/	1970-01-19 23:36:42	Name: C Value: 1
.turn.com/	1970-01-20 03:12:42	Name: uid Value: 2381274326146706719
.simpli.fi/	1970-01-20 07:40:32	Name: suid Value: 1B9DFA235640482C98A707F76EC69423
.adform.net/	1970-01-20 00:19:54	Name: uid Value: 3056486475530267447
.1rx.io/	1970-01-20 07:39:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-06f335ca-9643-4c6b-b7f9-0c151262584c-003%22%7D
.quantserve.com/	1970-01-20 01:03:06	Name: d Value: EFgBCQHkJIEA
.quantserve.com/	1970-01-20 08:23:44	Name: mc Value: 619bf461-5323e-e0ca2-900a1
.3lift.com/	1970-01-20 01:03:06	Name: tluid Value: 13626804120658146823
.openx.net/	1970-01-20 07:39:06	Name: i Value: 175b0e6b-f43e-4e7f-b6f8-35ce8c99f953\|1637610593
.mathtag.com/	1970-01-20 08:19:25	Name: uuid Value: 6652619b-f461-4800-ba27-53f5a8dd372f
.mathtag.com/	1970-01-19 23:36:42	Name: mt_mop Value: 4:1637610593
.yahoo.com/	1970-01-20 07:39:28	Name: A3 Value: d=AQABBGH0m2ECEO7d-DnV7WQtrRBxVIn7ES4FEgEBAQFFnWGlYQAAAAAA_eMAAA&S=AQAAAjXECNE0xbOAzdUkz8yco-E
.analytics.yahoo.com/	1970-01-20 07:40:32	Name: IDSYNC Value: 18wq~21oj
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP5c6c681a-4bcd-11ec-9a64-06ff4103d6f8
.yahoo.com/	1970-01-19 22:54:56	Name: APIDTS Value: 1637610593
.everesttech.net/	1970-01-20 07:39:06	Name: everest_g_v2 Value: g_surferid~YZv0YQAGlxBqeABG
.targeting.unrulymedia.com/	1970-01-20 07:39:06	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-06f335ca-9643-4c6b-b7f9-0c151262584c-003%22%7D
.adnxs.com/	1970-01-20 01:03:06	Name: anj Value: dTM7k!M4/AdWIy(ghqdmU(7T>eZZL>#?nFtNW9ThRe4r:[f-zyRnu7%7w3KUnO=Jyod=4hF(::=Ez[Z7>9BWlCgKn=TD._Pl[g2ncfc4o(1Y(`FwO6<5WoW=!Y?(5+1kyj`:9E3`iCd^w$33=4z_i^w!5C!:D12e+1l.f!K51GmD6nD>6T]E:3#fD?).cD>Xi(b<627!@@OT2^IH
.adnxs.com/	1970-01-20 01:03:06	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIzNTQzNzA4OTc2NjQyODI4MDI1IiwiZXhwaXJlcyI6IjIwMjEtMTItMDZUMTk6NDk6NTMuMDM3MjYzODY3WiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiIwZTk4YThhNS0yYjk2LTQ1YmUtOTU4Mi04NDk1ZDZmZTlkOTUiLCJleHBpcmVzIjoiMjAyMi0wMi0yMFQxOTo0OTo1MloifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIxMzYyNjgwNDEyMDY1ODE0NjgyMyIsImV4cGlyZXMiOiIyMDIyLTAyLTIwVDE5OjQ5OjUzWiJ9fX0=
.adsrvr.org/	1970-01-20 07:39:06	Name: TDID Value: 22675ca7-831e-4502-9479-219d365aee46
.bidswitch.net/	1970-01-20 07:39:06	Name: tuuid Value: 066e7bdc-27ce-4994-b0d5-32e928c4baf0
.bidswitch.net/	1970-01-20 07:39:06	Name: c Value: 1637610593
.bidswitch.net/	1970-01-20 07:39:06	Name: tuuid_lu Value: 1637610593
.bing.com/	1970-01-20 08:15:06	Name: MUID Value: 14A0539760A56A70005A436061776B16
.adsrvr.org/	1970-01-20 07:39:06	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCOTXypLp_pY6EAUYBSABKAIyCwj24NS-__6WOhAFOAE.
.ctnsnet.com/	1970-01-20 07:39:06	Name: cid Value: 94d36c3ac0c74fd2a09a0258ceced6ea
.bidswitch.net/	1970-01-19 22:53:30	Name: google_push Value: AYg5qPIjnfbT-pJZemwc2vzugQDFezvpPnhYAWA4J4nGEWSDMwY4P-kjwbvNkr7v6UaJGCSCX4vkgzRdRTik1j4DiTsf1aY2ZvMCpw
.w55c.net/	1970-01-20 08:22:18	Name: wfivefivec Value: xP4cnLxZ1MPfk55
.ad-srv.net/	1970-01-20 01:03:06	Name: pwzdy6wsn8n7_uid Value: e319f04396c83d56
.m6r.eu/	1970-01-19 22:53:34	Name: test Value: true
.w55c.net/	1970-01-19 23:36:42	Name: matchgoogle Value: 5
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:25:24	Name: bcookie Value: "v=2&a6ec3179-0ce3-48d8-88c7-ace7d6cb3efd"
.linkedin.com/	1970-01-20 16:22:10	Name: li_gc Value: MTswOzE2Mzc2MTA1OTM7MjswMjHX/tj3nAUnTsuA6Ql+G9IUrA5K6ZHtFlDP44OILSCWlg==
.linkedin.com/	1970-01-19 22:54:56	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2691:u=1:x=1:i=1637610593:t=1637696993:v=2:sig=AQFBgO9XKsWl6BtN8okwpAQaoju2ROLE"
.m6r.eu/	1970-01-20 01:03:06	Name: cct Value: 1637610593945
.m6r.eu/	1970-01-20 01:03:06	Name: id Value: 3f4b6c5844a26861357c2a8b23e7fbde
.amazon-adsystem.com/	1970-01-20 04:11:44	Name: ad-id Value: A7JBzYuq0kyokSa97mV_bOE
.amazon-adsystem.com/	1970-01-21 19:40:32	Name: ad-privacy Value: 0
.creative.mlsat02.de/	1970-01-20 00:19:54	Name: trs Value: 52004994%3B908cbadb724971cc9012ced767276cc8%3B11430_473322_1637610594_5ced30b3-4bcd-11ec-9d39-2236c0dc0c5d%3B
.awin1.com/	1970-01-19 22:57:49	Name: awpv11430 Value: 473322\|1637610594\|5cfee3f0-4bcd-11ec-a546-22340e667dce
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 361931:2950366
.telekom.de/	1970-01-19 22:57:49	Name: viewvpnr Value: MetaPeople\|pv-NTIwMDQ5OTQ7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2Mzc2MTA1OTRfNWNlZDMwYjMtNGJjZC0xMWVjLTlkMzktMjIzNmMwZGMwYzVkOw..\|VB1049\|59814\|59814\|1-1105148698\|\|4001780
.tribalfusion.com/	1970-01-20 01:03:06	Name: ANON_ID Value: atnu7qriItgP3PTReCi1TWZabr3JMeo70So4EjLea4TxfUyPdWJMVhZd5TsZdwpeuZajDucOxFFcQBnllPVuD0aUG82qjqUH0d0uM9ZcJ7PBe
.adform.net/	1970-01-19 23:03:35	Name: TPC Value: 1637610594555
.aaa.artefact.com/	1970-01-20 07:39:06	Name: trscj Value: MTYzNzYxMDU5NHxMM1J5WTJzdlpYWnBaWGN2T1RBNFkySmhaR0kzTWpRNU56RmpZemt3TVRKalpXUTNOamN5Tnpaall6Zy9aWGgwWDNCMVlteHBjMmhsY2w5cFpEMDBOek16TWpJbVlqMHhKbTV2UFRFbVkzUnBaRDAwT1RReU1EYzVNU1owWnoxdFptMXRjRzlsYXlaamEzVnliRDB4fGFIUjBjSE02THk5aFpETXVZV1F0YzNKMkxtNWxkQzg9
www.controle.50emais.com.br/	1970-01-20 08:15:06	Name: cto_bundle Value: wogs0F9ncVhzWXo1MlAlMkZDb1VFVkElMkY2bzdJUUhkVyUyQjF4VG9qYnQlMkJLNUlpQVZTMzZSZjZRdzNYcmhlQWJpZURWUHJ1cE5IU29HcWNHalU0UHRpOURUNlI2VkZXdGgzaW95VFRIZUpJN0ZobmdvYXZWMkVjJTJCczZocFNURzRCT0hKbVVWa3Q
www.controle.50emais.com.br/	1970-01-20 08:15:06	Name: cto_bidid Value: AX0KpF9HU3VMNTFHVUdmMmpkUnZXQmZoeUdYVzcxdXUwUGNWdVU1eXR6SDRCTVlkcGpzNEI5dFl5NzRyaTNqT3lLTUZJSVdyVnBHTk00OHlLcVQ1SkdkNWdiQSUzRCUzRA
.50emais.com.br/	1970-01-19 22:53:30	Name: _gat__ppads_ga Value: 1
.navdmp.com/	1970-01-20 07:39:27	Name: ac3 Value: 1
.navdmp.com/	1970-01-20 16:10:18	Name: nid Value: fbe633f7c7fd504fa7c0dd77809\|1\|352
.50emais.com.br/	1970-01-20 07:39:06	Name: nvg46575 Value: fbe633f7cddfb2c723dd66c8509\|0_327

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.controle.50emais.com.br/ Message: Access to font at 'https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://www.controle.50emais.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.controle.50emais.com.br/ Message: Access to font at 'https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://www.controle.50emais.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.controle.50emais.com.br/ Message: Access to font at 'https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://www.controle.50emais.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://50emais.com.br/wp-content/themes/soledad/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL_ilD1QltSlzhB6PG815e65tIubnQ14IvaDYKeJdR3wSjcq7OoYOcTtTMS0sNwDpCbT688-g7a4E4pR8E2-VB0hGiyR1kt&google_hm=VHkwR0NhMzVMZGE5elhnNTRzV3VSRmlmWEgtU0tNTk9pNmNvT0lIWHBzOA&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://50emais.com.br/novo/wp-content/uploads/2020/12/logo.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

011e237047ecacba8b35e475d70a62d3.safeframe.googlesyndication.com
50emais.com.br
5994599.fls.doubleclick.net
a.tribalfusion.com
aaa.artefact.com
acdn.adnxs.com
ad.360yield.com
ad.ad-srv.net
ad.turn.com
ad13.adfarm1.adition.com
ad3.ad-srv.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.google.com
ap.lijit.com
b1sync.zemanta.com
c.bing.com
c1.adform.net
cdn.ampproject.org
cdn.contentspread.net
cdn.navdmp.com
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
controle.50emais.com.br
creative.mlsat02.de
d.adtriba.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
ebs08.telekom.de
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90001.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
imagesrv.adition.com
imasdk.googleapis.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.adnxs.com
px.ads.linkedin.com
r.turn.com
rechtstexte.s3.amazonaws.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
script.4dex.io
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.navdmp.com
sync.targeting.unrulymedia.com
sync2.navdmp.com
tag.navdmp.com
tags.premiumads.com.br
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
tracking.m6r.eu
tracking.mlsat02.de
um.simpli.fi
ups.analytics.yahoo.com
usr.navdmp.com
www.awin1.com
www.controle.50emais.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
50emais.com.br
cm.g.doubleclick.net
104.111.239.217
116.202.48.214
13.35.253.75
138.201.63.117
138.201.63.150
142.250.186.70
142.250.186.98
151.101.129.44
151.101.194.49
151.101.65.108
169.50.137.184
178.250.0.157
18.156.0.31
18.158.154.136
185.29.134.244
185.86.138.120
185.86.139.94
190.89.238.22
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
212.82.100.182
213.19.147.44
216.58.212.162
217.79.188.54
217.79.188.59
2600:9000:211e:8e00:1b:5138:8a40:93a1
2606:4700:20::681a:e79
2606:4700:20::ac43:4bf1
2606:4700:3033::ac43:a59d
2606:4700::6810:ef3
2606:4700::6812:372
2606:4700::6812:d05
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e8:101::9002:f05
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:801::2006
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9d
2a02:2638:1::13
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d018:d29:3605:14b1:76c0:1806:81d9
3.120.29.221
34.247.120.79
34.96.105.8
35.156.121.212
35.186.193.173
35.227.252.103
37.157.2.237
37.157.2.248
37.157.4.29
37.252.161.190
37.252.173.27
46.4.10.49
51.178.130.209
51.38.120.206
51.68.117.182
52.18.11.109
52.218.37.170
52.223.40.198
52.29.24.121
52.46.154.242
62.149.0.72
64.202.112.63
66.155.71.150
72.251.244.142
72.251.249.9
76.223.111.18
78.46.111.106
8.39.36.141
80.158.66.20
85.114.131.235
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
05bbbc33e08bd54b093b0a1fee762813282561d02bc7ab68f0334121f0333edd
063622804a80a1943ccc527e1ec569997b9057525a1fef3a289c0d478140c092
06b781625c8d0577f135ee01ef147916332782d0c80701dd2f8ae591a6705c1b
07949ef8b06f5ba5d0a5ca4cc1fdabe426a5f4691cc32157cf6966183d8317f2
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bce62845f452251d8e45686081503534f6b0845b6eb4344e2f70eb005269d43
0c21b40bcddb27c98e7b45526c7d07aeb091adbf8118fdb441d050b1f2275654
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1216bd7aa5997119027398f705ab0f681131c27fd822d5131a150d3151823d6b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
150269bbd0cd126b0e1a7d571ac5d6f264b390273da09c0f369704419994890a
1535280eddf01aa0ad786b1f2259864e870b071f4c576ec7a3cf768b6d60a36a
169da993c62a4c4aecd80b6899f294d1739ea12cc1cf508f996187400f749dbe
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
1953595a20737565fbdd8648632b281c3d70077e604eb840db547f12c35ba4fc
195ac7249e147ef6486617e755244f9272ff299b9da7f2123d368745bd035621
1be4a501718e342734d6dd0efeb8bd217b4a14c3996a011f6121932e9b62dca7
1d315d379787cd4ff09b068d3d1eb4ae967b97970879ba6ab85641e9d68ae16c
1dd3896a246a1ca4c38c3941b50e10c59b026234b80c8b46941d893d4ec387f5
1deab5f4e6d851e602f8c57761ace15a166d43fc6a2aecb587719499f58146c2
207192180585ca9d319fa5e390cba4b97303a8f3ecbd5d2b6a2f1cf0c44da141
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
2539afa510b0aea243beb4b659728c1df3f6150f18021918ac3086757fa3700d
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
25adf7ff32e58b0a5dc28cda288a035f54dfd63fc7600945b69dc160490649d6
279d8262aa7ef988bf58c2ebecb6bd6776a506bafdbc94c9b2698873fb5ff68d
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2b9c12ecf4b728446188ac9b95782ad2bd9329e2782045c44504e22828a11a36
2c6df64cde46715891f7900a9a6487029160da0b392494f0a1bbd2ef4e86ebe2
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d58a2f9b63c13880d447c94ce862b75a46eb33c9d4cfdfe086c69ff970ba1be
3112f4b43b2c04ae1618d959628485ab4506420f8a0b468c906a949122ac8502
3165bd139d2e5b92fc5b95f3258fdd3d56996164c37bf97186e4febae0fe768f
336539a6a0d9739c251760f215e8519843b8e2c00e1fd3d08dfad302aa1820ff
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
345cf64eaee980af2b89c49b86955b1449e724690ff03cc73227a6d5edd60443
34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539
357f773055a2de35c3e198af1d0ad35dc025dc8fc191e29c79e37d86db0851c6
360236fcf25d900022c92a94b9877b1296e720af1ce541e6cfd0f958b453a064
3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38a73f03462fc87a808ef9264cbf32b7b4fda6cee89b5dbe292b5fd005e0ece3
39b8eeb9c8294d807905a4497eebf5cfb5788c2b17de18ec4f61fd396b360014
3a502e058272a3f84ce59a0764d9942c557d9d3d58f006d516b895dcf7e57176
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dca98ff7f2a872f0179c208691d64538f4bb69f43d3932b723ed39ed0f33d95
3e6acde1a483c1cfd05ef515b8a74523c2aa0c12e16d8ce04ae32275731d8782
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
40a565df3b00b870842de656ba83b8276653258fb3786ea06a1ea2e2cdafb5e7
44e5cce4833156616ef9c01a06fdae59ab2cf464f2730999e24106351bb73277
44f8438740774b880cb7c84ee95ca74f6be640ffaa5312360bb16c855d6118ef
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49bf22db55c90506e75de96f1c91c446f0a7eacedff5e16dd5cd550c576f1d5d
4a63a0c2726eeb57c9dd5148a9873f7c21462b40bce95a1afd904941deef06e7
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e8b062018e10f9da5279f7ea03eb0f229a656ba1f82016ed76a82ae1e70cf6d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
528ed787a4bd37642413945a1622bcfb77860d14711673fd1bf06346d870052b
5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4
556b9c48c9f361ff90a341f559278f7b6e785497a8938882f644bc5da77c9c91
587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37
58d4e853b1ffdd4bd58a6c6fbb132d255bea7cb5eb25fe15485c717b1640cb92
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c9da84fc8a3c440af55286ca96a28c0009a3f95cc4c72f03d77b3f78f2cbf8e
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d9bb19045619b6f39f75cc6ace78b6847e3ead1a6069daa2770d382bc49b29f
5fd3ac8cae2a5a56096ab98b83ed8154ec7ff769a7f21efa30328bb847fc4f41
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
62ac1bbae44bf350c08131988746b1d88c7479d6ce11cb5e637eee4999bbd4c3
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6721e131fa80308740e1d077be6ce01f674cf7b1f9db636437b971f0400863c7
6774b544506a73b8156b33e49761e33c3b1ac4ba8320efa6b7dafa143a93c3b2
69078f0806addf55656e35a8c891b069046ab12c35259dc2cbc5211292b0216c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d04d93508f8554bfeed7261187fe9a229b5d1552ac019fe9b344cb245761af4
6e3a1219d42ca8866e00d0467794a7ac5f59f707b4c78d2c1619c39292191119
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
73a2df3fe6bb239f8079a019199af2e7d04b2537bf175ab246f58d8a5484a30b
73bfaf828891a1fe33ce82ea5331b0c1381538486104a8740c309de4394254cf
73d3a11f2393493713e9a9e44601bc3951e581de3c428d9cfe40c580e32e3f66
771176db448d0e5343ef0d95614c157949ab376afec10f1f96669dbe1e3bb983
77af300b4280b2bec96a45a88fff537447cfa36f16e74a9e44e1a03ec4bf7b09
7993a9292daeef51dfefafa5714204ba98383ad783dbd19f937cc508111c2815
7b83267ff7f3b137c601915fc48f2fbf7f8402eeee525bfe03f3452ff1812cf8
80b40dfccd975298f1bbfdea08ce8e09da822b75ba8992f06da14122fe2de8c3
8222df6ecc03f3daa69b935819c36beb91e12ccad6f0346c435167e3de224d51
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872089c45f5e10cfb40af5ed4b0e6659fd512dbfd043f1f44e6700f5ec021e2d
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
890cbff0e67e79106d6c4280209fe4e796fd83dbd239a01c95bd199777f7e98e
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8aafb761956e53d6ec88ccf71814f893cb04f18fb7cb55faac61c44f200939b7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1e0bf5cd4438a81dc955241767b8f0e20ef9dbdeee6c8b13821f0120e9e3ca
9102f36135678780622763537404f2b48985533988d21b75296da0b9a4fbedf3
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91644b2e470f05d7821bf618fd4f0613fd574db3e5cb031c30857681c0a1d681
917471453fb98f07f2476f9dd4f125d08e935a7e1fcfd116f82a2a27310aa4c3
9311b7f2bd53a7d072fd1b1b7781767de8fdf1e8aeadcd667a6053c0245647aa
947360463dacd7a7758861266ccdc00693ca798845d88090d7a4ecf83c5adb1d
968c2095067b9296d893fc128325973595d38b56d6789cec88ab1f8eb20253bf
979157323f77677cedde62e5473a672535b85acaa597ffc04f6ad487739575f5
97fa6802645b7673240fd33eab61c7e655fdb3e4550d61a39771c6375ac2b567
99434c2a6b394f22e1f08940863cae42e7115896e5c36c2c8ea6580457fd3d89
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af6cc766bb30e9809acc21d253b1c5bb67d998583cbb33d24d18b95f658b18d
9dd80e8d1ef04e377c544467eb35dde30e7f47f99f6370c6222201f7caf21bb4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2f5827f37602f0ada4640790bc6387b4facf76dfa80fc69307d5666588f70df
a34bdb9ef39dd11ec9a1c37d37c199306925c04cc4672ca47e4712d948d99528
a411ab2181e2e49bd2ecf2f06b3e0db512532cf4ed7b8cf66e68daefd0018879
a46978057caecf7869ff05b174b9499144990c93aba89dea5c5e38b3fe0b2c97
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f367d720fec23438ef17e4a32c05129ed2e6dd5163167c9dd0787ea1f62de5
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1
aa11f0abd5ae64550f45c1ff9c1aac8559a7f57e809fa92bd6265607bd269bbc
ac16fc5f13f63940f69a759a66af2e058a6a109d41327670f47f63bd9bacadb6
acf5a8ec1316a73cfe9de3fce899c49d2e770bd8170a5e2017b445dd424fdd2d
ae6b882f0a53c53e1381de28e92959aa2c27d49ae801a8d2f7489934cef96baf
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18714d07837edd237a5deb7c106444141eda6ef06fd337c823835b258db5415
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b416bc79b634a401972368a5a6564c0c27605c64caeb416440272a3cc918b279
b581342320730f7bb354f1bd28e36405c4987a3ecb4a696cfa77722f5af99fd9
b7d7ff37e6d35d54633e12d2077e5ab7987cdf5c93ed9ae93a1efca92bcdfe3b
b7e56b6138acf8dbf5f5bda2ddad9e99436c0694291507b0cfd6b754a7a7617d
b8b814cefc8fe9d1ea891eba850f93f66a1332b8f754b30334dff1018a5fcefb
b9aa88dea691dc26632897620a0320448c59cf5fc559dabe3ee43969e3e6cb29
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88
bbb32d3557106ff65d3e177ca4c8d2f51435ed2642194ba283c2dafe1580e560
bc029d31969917dcf55ad0a2c9f8aeeb87b077892905e30a6d857c102c7be1b0
bc0460ae3132ef7c64b455a236c91750039f638117a23e1fd37160013a665548
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd86a6cfd5c1f7083b0d8aa9a0a12064b37566c84b0c1810031452a39badfdcd
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf3e6de46b43de7927fb5d660336655743fe1e4b6fa2aaf2ef79327e47204f67
bfbf07509bb60b56671f2785777ed050bfbc6232633c83205f2723d36b51c045
c07872c94137c75eff810332cf06d85a8a5c82b5c3bf803a616c8079abfaa9d4
c1c9c8274dda2ffa74dc3442714fbf84b3f45c4394eb7e71c20acb5195401e31
c26099049a8384d1e39b1ff46ea05561556a6caa6c03bad3c2995c1e1d248ad5
c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c35409028cbabb0b1a2aac71d8d9e4f4fb54bb7a2ebb152a278dd0e5ab1c9e82
c38ea62bc42c8e5d2a082951c699a43cbe72004eb68645422cd410a10fc90d71
c4c17e69d4ac6e92bf62a3b13c142c711163523491aa06e3e5ebbd71f10e14a6
c5d25cf30eedb486007b7254d7c53c15e95dc8ef63d3750a2cfdcda93aa96ab0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce45f021bb37070d011ba312a6162f46e215ccd2c30990bac8f6175903e0c291
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d12f1d9c35940a2b74b61e7125d12245c1de8c96e386583979963db701383d95
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1c8d9ff9c1560e683a10ae1e89c008a51446a225ec6a7aac7d97b5ec17df2f8
d24d6ff6f25c5e9eaa7b26b4582c63267059c3120057c4223152789e4560337f
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03
d2a442e1bc1180697fefe701f9b67b9cf4d819e2837bdb43898a2db6ef8e8262
d37a2405c0b93ee3185da472d38a94829d0ba86e3b0e5dd0496747434abecf68
d49db392852eb7dd4c29a1d5d7b82f1ea281341982de3534030b92c0923c2b09
d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e
d74d9fbc58d0b9dc7e8709ea65d8b73d0973528c61aa1a25211ba1ca7c42af82
d7eddb321010a8577cc10e75c593cd5abaed0fff6b1b54a2f173fd5cbd6f69b2
d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a
da748495448dc315ac368345fe0fcbe586c48d4f678c627c321d9eac2e50e290
dd4491d62238efbf3e620b3dd658471b39348e9ad70bc03c4f3b187e8ce7e37e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0b3afe7215fdf3870c1a11be2dc11640d5619b1903b514188a62664acee716d
e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c
e10f5db5dafa800c6ae93574bb95064d71f14276f5c05b1b1d360b25cbb5393e
e1950a73728c86ec63ab09d052e4feddf23b142ca571538c881a0d4b59f2f2e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fca32f632269b1634c720aede25bf10ff36a64794412d1d57760518cf25b6c
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e610bd57207edc9b6f8addfc5d5be910aa1564c5c7d80b57495e4f99c71e2111
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e673290a3bd09a1df4838e0d94a6c62ac0c6acefd697fa5e39338adc94b073d1
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e7a9aaef125713e5b57733e89b419b2dc7145efb1301fadc6eb312f21fbe0838
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec487637619a54a090d035d8153916e64fd88c154c474c7310bae5eed9e12ca1
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46e86368c01cffc9a55e4ae44acbe6f5366913c4cb3af0ef90fad6210bbe29
f0024887ff709b8092e43d9a46c8ff02180dd472531776ecf71c2ec2a5016ee9
f07ba81f420c82242a481582ef12e103601d453325cf74e7e193946c5018f03a
f1be92f892dd16f6bbb87ffded50c104f15d2affd786e535b3a5769c5057026a
f24c855a896952f27988b675b85ccfcdce4e656683fa3b9e8c365434697cd057
f2bc91a6f8715bd9d31fa1661959c6bd9896256680dfbf296b7763251d88b961
f330e0fb417aca7754f72a3978b8c45447cee678c2890d0e545f4250b835126d
f37f39febf8b5da433eb69c29cdb01e84db5d46f2da128cfb3baec34d904ad9a
f44e9eb57753942da426e2bd96735269fff91ab4596e9242949037b1a7d2d498
f5c70aa78032f283d68c609fed6495c6b44c5629ec8fe4fcdd67981f52b96376
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444
f8e0ada042a1632c2166e738bfcadc16b75afa484537f98895eeb72a7328b749
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
faa2d322e1d00616fe3e188ceb9ed67cd4c3fb1b9fb4b87dbfe44587e6e99e47
fb72142a17a3ab2aba7703aa0c296187a62d5c38ead165c5106afed3afa8961b
fb98ba43800108636c3d06692f962000641263d9c0bbdc99ff954e6cef4df720
fe0b42571ab123bb869bed26694f88ee0376a6208719a48162fb4ae3ed297005
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fe6fb394ee0ca825d246e96f55680f2c732a677e8720d4d02bf2bc2ae256c58c
fecd11084ef963f52a2a6a0fc126fe4124b732a846e0bf2c239363f92a98538d
ff3b312159f18fe51eecea44be7ccd3553511ea25ba52e830791c6c70ac74c16

www.controle.50emais.com.br Open in urlscan Pro 190.89.238.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

519 Requests

83 %HTTPS

38 %IPv6

64 Domains

100 Subdomains

68 IPs

10 Countries

5747 kBTransfer

15803 kBSize

81 Cookies

60 Outgoing links

Redirected requests

519 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.controle.50emais.com.br Open in urlscan Pro
190.89.238.22 Public Scan

Screenshot
Live screenshot

Full Image

519
Requests

83 %
HTTPS

38 %
IPv6

64
Domains

100
Subdomains

68
IPs

10
Countries

5747 kB
Transfer

15803 kB
Size

81
Cookies

519 HTTP transactions
11 data transactions